Read This if You’ve Filled Out a Contact Form Recently
Brian Gibbs
Cybersecurity Enabler, Saving Companies Daily from Cybersecurity Threats | Lead Cybersecurity Instructor | CvCISO | CISSP | QTE | Fun-loving Dad
You’ve been on those websites where the only way to email the company was via their website contact form…
Most do this, and for good reasons, however...
Recently, Microsoft issued warnings to several organizations after victims of a Malware attack filled out a website contact form and received a malicious link taking them to (supposedly) the information they had requested…
Instead, the link directed them to download an application called IcedID - It’s Malware! What we call Trojan Software is designed for compromising your computer.
This Window’s-based banking trojan then infiltrated their account, stealing their banking credentials, and in some cases, launching ransomware attacks or taking over their computer keyboard.
Scary stuff.
Most people expect to receive a confirmation email after filling out a contact form on a website…
But be wary of non-legitimate links launching infectious Malware. In this case, the emails sent to the victims did not have the typical marks of a malicious message.
As technology gets smarter, so do the hackers. It’s getting hard to tell what’s real and what’s not. This means taking an OFFENSIVE approach to securing data and assets! You can’t assume every link is safe - and we all need to be on high alert when it comes to email links!
Corporate Cybersecurity Strategist | vCISO | CCA | The Security Narrative | Security Compliance
3 年I see them often.
Interesting