New Barrage of Scams

Ugh! An Onslaught of Phishing

 I have to say, we’ve seen an increase in phishing attempts. Here are a few examples—please share them with your staff, family, and friends.

 DocuSign Phishing Scam

Larry was expecting a DocuSign document via email. He noticed one in his Junk, so he decided to take a look.

This looked really ‘good’ but with trained caution, he took a better look before clicking anything. Here’s what he noticed, and some things you should look for when you’re deciding whether to click a link or not.

The subject line didn’t have any reference about who this was from. Usually there’s a name of a business in the subject line of the email. Next, he noticed that the link to see the completed documents did not point to DocuSign!  In fact, the link to ‘About DocuSign’ didn’t even point to a DocuSign address!

When Larry sent it over so I could share, I noticed it was from DocuSign.net, but if you check, the real DocuSign ends in .com. I also noticed the document name started with ‘20181010 …’ as if it was from two years ago.

So the Junk flag did its job this time, giving enough warning to dig deeper before clicking anything. Remember: if you’re not sure, just send it to us and we’ll take a look. Be cautious! The wolves are out there!

Renewing Internet Service

Recently, a client renewed their AT&T service. They didn’t know there’s a better service available, which would have been faster and less money.

You’ve probably heard it said, ’There is wisdom in a multitude of counselors.’  There are definitely savings! Paying for a little tech advice would have saved a lot of money and frustration. Just give us a call!

Password scam—the ‘From’ was the right domain name, but the ‘user’ was ‘sysadmin,’ which was fake. The Subject starts with ‘DO NOT REPLY—Password Notice’ followed by a long string of numbers/letters. Then it said it was reported by syscon-inc.com.

In the body of the email, it says that my password expires today. Use the button below to continue with the same password. There’s a colorful button I can click to ‘Keep the same password.’ Then there’s another note that this is for user verification designed to shut down malicious users.

Bottom Line: They just want credentials. Network passwords may expire, but the email password by itself doesn’t expire, and we’re not sending these notices. DELETE!

OneDrive Scam—this one came from ‘cs1.me@freightsystems.com’ saying I had a new document from ‘your contact’ and had a link to View Document. DELETE!

Office 365 scam—this came from Syscon-inc <watanabe@rpj-co.com> and said, ‘We’ve restricted the delivery of 3 incoming emails.’ There was a link to Retrieve_Messages. DELETE!

Zoom scam—this one came from Zoom Meeting <mfarese@mfareseagency.com> saying there was a Conference Meeting. The body of the email was filled with number strings and gibberish with a bright red bar that linked to the meeting. DELETE!

Sync Error scam—This one was also from someone being used as a spam relay. It said syscon-inc.com <mike@precisionalarminc.com>. The subject line said there was a Sync Failure and there was an attachment. You might really have a sync error, but if that’s a possibility, call us; do not open the attachment; DELETE! – CMW