This is our archive of security alerts sent on an ongoing basis to all SafSecur clients. This is part of our dedication to keeping our clients safe from breaches and potential threats.  SafSecur takes a proactive approach to ensuring the secure, continued operation of our clients IT infrastructure.

 Have questions as to how any of these alerts might affect your business? Reach out to us at info@safsecur.com for details.

Sharepoint Attachment Warning

Always question anything that comes through with a SharePoint or OneDrive link attached. While you could receive something legitimate with those products, they are the most targeted and are prone to these types of things.
Anytime you receive something even slightly questionable, we recommend reaching out to the sender via PHONE just to be certain. Replying back to the email is NOT a good idea.

March 12, 2020: Fake Email Scam

Many times you may think your email is “hacked”, when in reality, it’s incredibly easy to start a scam/spoofing campaign.  The below screenshot is a perfect example and I’ll explain how this one happened.

There are people out there that have nothing better to do so they go to a domain purchaser (I.E. Go Daddy) and buy a random domain for $12.00.  They then setup an email address on the phony domain.  When creating the email within the portal, it asks the simple question of “what’s your name”.  The person enters a senior manager, or the business owner’s name, of a particular company that they want to target.  The highlighted text below shows the phony domain and the business owners name (I changed it to John Smith for obvious reasons).  Most of us simply see the person’s name and think it’s legitimate since they may be our boss.  We don’t necessarily pay much attention to the email address.

Now, the malicious person goes to that company’s web site and finds the staff’s names.  They simply send an email similar to the below to everyone at that company and it looks like it’s coming from the manager/owner.

We also have more details on this one.  You may ask, so what happens if I reply, how would they get anything from me??  Well, just replying isn’t going to hurt anything, unless you take it further.  On the below example, one of the users starting replying and the person asked them to get $1000 worth of cards and then scratch off the back.  Once you scratch the back, there is a serial number of some sort that’s associated with that card.  They simply asked them to send a picture of the number!

It’s that easy!!

October 8th, 2019: Sharepoint/OneDrive Caution

You may receive an email that appears to be a download from SharePoint.  It may be similar to the below email or it could be a multiple of variations.  I would recommend to always be cautious with anything you receive that appears to be a SharePoint or OneDrive download.

Example:

July 31, 2019: Pending Email Scam

If you receive any emails similar to the following, then please delete.  The ‘From’ will show a bogus address, and the only thing in the body of the email will be that you have pending emails from your organization.

July 14th, 2019: Account Protection

If you receive any emails similar to the following, then please delete.  The ‘From’ will show a bogus address, and the only thing in the body of the email will be that you have unread emails attached.

HERE’S WHAT SHOWS UP AS THE SENDER.  KEEP IN MIND THAT THIS CAN BE DIFFERENT VARIATIONS:

From: account-noreply security-account-protection-security-team.com <sanaacompany@hotmail.com>
Sent: Monday, July 15, 2019 3:10 PM
To: account-noreply security-account-protection-security-team.com <sanaacompany@hotmail.com>
Subject: Your messages are on hold

HERE IS WHAT YOU WILL SEE IN THE BODY:

You have 4 unread emails attached

IF YOU DO OPEN THE ATTACHMENT, WHICH HOPEFULLY YOU DON’T, THIS IS WHAT YOU WILL SEE.  PLEASE DON’T CLICK THE LINK:

May 9th, 2019: Compliance Email

If you receive any emails asking to review your compliance documents, then please delete.  I removed the person’s company and contact info for privacy reasons.  Please see the below screenshot with an example of what you may see.

April 16th, 2019: Email Alert

If you receive anything that shows encrypted files and asking for you to click on a link, then always pick up the phone and call the sender prior to opening.  This one in particular is asking to verify closing documents.  Many times these emails will not only show the senders name, but also their correct email address, which is what this one did.  I removed the person’s contact info for privacy reasons.

This one also appears fishy due to the person’s grammar…………see below:

February 25, 2019

I know I’ve stressed being careful with OneDrive or SharePoint downloads, but here is another one that we were made aware of today.  I would recommend that if you get ANY email that contains a OneDrive/SharePoint download, that you call the sender prior to opening the link.  More than likely you’ll find that the email is NOT legitimate.

January 14, 2019: OneDrive/SharePoint Fake Email

Question any email that says that something is being shared from OneDrive or SharePoint.  Here is a new one we are seeing today:

Here’s another example of a fake email from Sharepoint/OneDrive,  you can tell it’s SPAM by the domain name in the From address:

January 14, 2019: Banking SPAM Email

If you receive anything that looks like it’s coming from Bank of America, please verify its legitimacy prior to opening.  This email is spam, as you can tell by the domain name with the red rectangle below.  It also looks fishy in many other ways, but things can easily be looked over.