Warning. Contains offensive language.
There is a new phishing email scam going around and it’s making it through spam filters. I’ve received two of them in the last two weeks and the second one expanded to other people in the company as well.
What is phishing?
A phishing email is designed to get you to click on a link by making it look legitimate. In this case the email also tries to elicit a knee-jerk reaction from you which would cause you to click. How does it do that? It directs foul language at you from a supposed customer of yours. They are hoping that you’ll be so offended that you click before realizing that you don’t actually have a customer by that name.
Here are two examples:
What happens if you click the link?
I analyzed the link. After clicking on it, a program is downloaded to your computer and a Word document opens.
The program that downloads attempts to run, and if successful it collects your IP address, logged-in user, computer name and a bunch of other statistics about you and your computer.
The Word document looks like the one above, which contains instructions for enabling macros so the malware can run. The file contains a macro which runs upon opening and loads a keylogger to capture any user names and passwords that you enter from now on, along with information about which files you have access to. It also queries information about the domain to which you are joined.
It also calls out to several servers in the USA and Bulgaria, from which other files are downloaded to your computer. These other files were not analyzed but are likely other data collection malware. In case your anti-virus catches one, there are others ready to take its place.
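A Word file like the one described above can be checked for an embedded macro project before anyone opens it. The following is an added example, not part of the original analysis or any tool it used; the function names and sample files are constructed for illustration, and the auto-run name search is a heuristic.

```python
import io
import zipfile

OLE_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")  # legacy .doc container signature
# Word VBA procedures that run without the user starting them (case-insensitive).
AUTO_RUN = ("autoopen", "autoexec", "autoclose", "document_open", "document_close")


def triage_word_file(data: bytes) -> dict:
    """Inspect the raw bytes of a Word file for a VBA project; never opens it in Word."""
    report = {"container": "unknown", "has_macros": False, "auto_run": []}
    vba = b""
    if data.startswith(OLE_MAGIC):
        report["container"] = "ole"
        # OLE directory names are UTF-16LE; a VBA project has a _VBA_PROJECT stream.
        if "_VBA_PROJECT".encode("utf-16-le") in data:
            report["has_macros"], vba = True, data
    elif zipfile.is_zipfile(io.BytesIO(data)):
        report["container"] = "ooxml"
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            # Macro-enabled OOXML keeps its VBA project in a part named vbaProject.bin.
            parts = [n for n in zf.namelist() if n.lower().endswith("vbaproject.bin")]
            report["has_macros"] = bool(parts)
            vba = b"".join(zf.read(n) for n in parts)
    # Heuristic only: module source is compressed, so no hit does not clear the file.
    lowered = vba.lower()
    report["auto_run"] = [n for n in AUTO_RUN if n.encode() in lowered]
    return report


def constructed_samples() -> dict:
    """Build small in-memory stand-ins for Word files (constructed, not real malware)."""
    def ooxml(extra_parts: dict) -> bytes:
        buf = io.BytesIO()
        with zipfile.ZipFile(buf, "w") as zf:
            zf.writestr("word/document.xml", "<w:document/>")
            for name, body in extra_parts.items():
                zf.writestr(name, body)
        return buf.getvalue()
    fake_vba = OLE_MAGIC + b"\x00" * 16 + b"Attribute VB_Name\x00Document_Open\x00"
    return {
        "clean.docx": ooxml({}),
        "invoice.docm": ooxml({"word/vbaProject.bin": fake_vba}),
        "legacy.doc": OLE_MAGIC + "_VBA_PROJECT".encode("utf-16-le") + b"AutoOpen",
    }


if __name__ == "__main__":
    for name, data in constructed_samples().items():
        print(name, triage_word_file(data))
```

A file that reports `has_macros` should be handled on an isolated analysis machine rather than opened on a user's workstation.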
What does it all mean?
It means that if you were successfully phished and clicked the link, the bad guys have installed software on your computer that is gathering your usernames and passwords. They will use this information to steal from you. They will open accounts in your name. They will transfer money from your bank account. They will add an employee to your payroll. They will find any way to make money from you that they can.
What should you do?
- Report the email
- Tell us if you clicked the link
- We will then help by cleaning the computer
- We will help you change your passwords
- We will help you sign up for fraud protection
Please, please, please
Send this email to everyone in your office. Every single person needs to know how to avoid being phished.
Please, please, please
Schedule a lunch and learn with us to train everyone on safe computer use. Knowing how to type and use a mouse is not the same as being a safe computer user. Avoiding being scammed requires everyone to know what to look for and how to react.
– Amy Babinchak, president Harbor Computer Services
About Harbor Computer Services
Harbor Computer Services is an IT firm servicing Southeastern Michigan. We work exclusively under contract with our clients to provide technology direction and either become the IT department or provide assistance to the internal IT they already have. We have won many awards for our work over the years, including the worldwide Microsoft Partner of the Year in 2010. We’re the smallest firm to have ever won this most prestigious award. Most recently we were recognized as one of the top 20 visionaries in small business IT by ChannelPro Magazine (2015), and in 2016 as the top Michigan IT firm for Manufacturing. There are a few simple things that make Harbor Computer Services the best choice for your business.
- We are Professionals
- We are Responsible
- We are Concerned About The Success of Your Business