Yesterday some of you may have received a message that looked like this:
This message was inadvertently sent after a staff member accidentally clicked a link in a malicious email message. It’s amazing how far our social networks extend. Hundreds of people received this message – all around the world! If any of these recipients thought this was a legitimate message and clicked the link, the entire process restarted, affecting everyone in their contact list.
Why did we fall for this?
This type of compromise is called a Phishing Attack. This is a easy thing to fall for. The initial message almost looks legitimate. If we are quickly moving through an inbox full of email anyone can miss it and click one bad link. The malicious email is most likely written in a way that tricks us into disclosing personal information (passwords, bank information, etc.).
How can we keep it from happening?
There are a few key points we should consider:
- Don’t trust your friends – Just because an email comes from someone you know doesn’t necessarily mean that it’s legitimate. It is trivially easy to send an email and pretend that it is actually coming from someone else.
- What are they saying in the message? Is it something completely different than what they normally send? Does it involve clicking a link and entering in a password? Why would they need a password to share something with you?
- It is generally a bad idea to click a link in an email asking for login information. If you need to transmit information across the internet to a company browse directly to their website first to log into their system. Don’t click a link unless you are expecting it (password reset, normal monthly statement, etc.).
- If you do click on a link take a few moments to carefully inspect the website. Does it look legitimate? Is the website address in the address bar legitimate?
- Read this article on Microsoft’s Security Center: What is Phishing?
I clicked the link! What do I do now?
Clicking the link doesn’t necessarily mean that your computer is infected. If you closed the website without entering any information you should be ok. If you did enter a username and password then you need to consider the following:
- What username/password did I use?
- What system uses that password?
- Do I use that password in multiple places?
You should reset the password immediately for any account uses the compromised password. If you use the same password (or same few passwords) everywhere then you should change them immediately wherever they are used. This is very important!
Make sure that you are running an up to date Antivirus program. Run a full scan of your computer. Make sure that the scan comes up clean. If your antivirus software is out of date then consider running Housecall from Trend Micro. Once that scan completes update your Antivirus software.