Jump to content

Malware/Phishing??


Recommended Posts

Hello,

Being a little absent minded these days I inadvertently clicked on a link in an email (on ipad) stating I received an e-card from someone.  It went to a company site and I didn't enter any information. I just closed the window.

I have Malwarebytes installed and it didn't pop-up anything and I know I can't scan my ipad but from the link below do you think I'm ok?

tia

http://cdn.456greeting.com/ecards/id/2W8LXWO52O9Y/4312f0/bf635224-083d-4582-82b3-5327e5a1150d/?

Edited by tcc
Link to post
Share on other sites

There are companies that perform regular Security Awareness Training for their personnel.  Some perform live tests to see if staff fall for Social Engineering exploitation attempts.  If they do, they are redirected to sites that indicate that they are a simulation of a malicious site.  The URL indicated seems to be one such landing page.

Edited by David H. Lipman
Edited for content, clarity, spelling and/or grammar
Link to post
Share on other sites

Hi @tcc,

Well, the good news is the following was only a test.  Had this been a real emergency, a whole company could have been compromised to a malware attack such as ransomware😬  In that case, it could cost a company a lot of money and bad press.  I assume this was done via your work email.  I would forward this email to your IT department and tell them you believe it's a dangerous link.  Then ask them if they have Malwarebytes installed on all company computers/devices?  With a ransomware attack, it's extremely difficult, if not impossible, to remove ransomware if you don't already have a solid anti-ransomware installed beforehand. Like, (wait for another shameless plug)... Malwarebytes!

Okay, I'm being a little hyperbolic since infecting an iPad with ransomware is less of a concern.  But as your company is pointing out here, it only takes one employee to click on a link on a work computer to take down the empire.  This is how many ransomware attacks you see in the news start.  Kudos to your company for doing some training on phishing attacks.  Also, it was smart not to not enter any personal information and close out the browser as quickly as possible.  Most spam links are just trying to get you enter personal information.

One last piece of advice.  Never use work email for personal emails.  Set up a separate email account for all personal emails.  That way it looks way more phishy to get an e-card in your work email, and less temptation to click the link.  Also, your company can technically see all emails that go through the corporate email server.  😳  Just saying...

 

  • Like 1
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.