Excellimore

Excellimore provide IT support and cyber security solutions for flexible working

More Ransomware Activity

posted on

It looks like that there’s another co-ordinated ransomware attack under way today, judging from reports in the Financial Times and The Guardian this afternoon. I was asked at one of our Excellimore Insights seminars a couple of months ago how to tell if an email was suspicious or not, and I’ve got an excellent example to show you which landed in my Inbox this afternoon. It is definitely not what it claims to be so I won’t be following the links to find out what happens!
poisoned email example
poisoned email example
  This screenshot is taken from Outlook 2013, with the email opened but no links clicked.
How to tell if an email links to malware
The points which set off my alarm bells are:
  • I don’t know anyone called Rosetta or Rosett – why would a stranger be emailing me?
  • The name is spelled in different ways in the same email
  • I don’t know anyone else at that company’s email address
  • There’s nothing in the “to” field – no visible recipient
  • I’ve included the “tooltip” in this screenshot – that’s the wee box which hovers on screen when you move the mouse over a link – and you can see that the links (the two lines highlighted in blue) would take you to somewhere other than the sender’s domain
  • You’ll see a placeholder for an image which you can choose to download or not; again, hover the cursor over it and you’ll see the link to the image. In this case the link is the same as the other two links – in a legitimate email you might expect the image to be linked to somewhere different than the other links to the offered document
  • And finally, there’s no email footer in this one such as you would expect in a business email – although there very often is in the extremely plausible phishing emails purporting to be from banks or the like
Because the links from the email to elsewhere are (a) all the same and (b) not to a domain which might be expected, it’s a reasonable guess that this email is prompting you to download malware. Don’t event think of trying it out “to see what happens” – the consequences are far too severe to muck about with this! We hope this is useful – gang warily!

Latest News

Keeping Control of your Mobiles

Reduce the chances of data leakage from mobile devices by installing software correctly and controlling how devices connect to your Microsoft 365 system.

Can Politicians Use SharePoint?

Why is it possible for our politicians to email confidential documents when simple and more secure solutions exist in Microsoft SharePoint?

Where should I save my files?

With Microsoft 365 we can save our files in OneDrive, Teams, or SharePoint. Let’s take a look at which one to use, when, and why.

SITE BY: SHINE - design & digital

Cookies

Our site uses cookies, please see our cookie policy for more details.