[Phishing] PhishQueue Public Warning - Leaked Password
PhishQueue Public Warning PhishQueue is a Phishing Email Analysis Service designed to allow users to report suspicious messages and receive expert analysis to detect malicious and/or harmful intent. During the investigation of a recent message, PhishQueue analysts at BSI discovered a log file on an attacker’s system listing all users who had submitted their username and password in response to their phishing emails. You are receiving this public warning because your email address and password were found on that list. The reported phishing email contained an attached file that when opened presented the user with a fake Outlook Web App page prompting for login. The message analyzed by PhishQueue had the following properties: Email Subject(s): Scanned Fax Received_Sunday, December 19, 2021.. Scanned Fax Received_Monday, December 20, 2021.. Email Sender: Efax049583@twps.com.au <cnc.sjd@qualimed.com.ph> Email Attachment: info-[EMAIL ADDRESS]23487.shtml What should you do? Change your password immediately and notify your Security/IT department regarding this message. Locate the original phishing message and permanently delete it from your Inbox, Sent Items, Deleted Items and Junk Email folders. (To permanently delete an email, hold down the Shift key while clicking Delete). Consider adding PhishQueue to your organization’s email security defenses. For more information, view our video https://www.youtube.com/watch?v=gjKmnRA4Fcc and contact us at 727-864-5500 or email sales@bsius.com bsius.com - The Special Forces of Cybersecurity DISCLAIMER: PhishQueue and the BSI Analysts make every effort to identify malicious and harmful artifacts in reported emails, but as with any type of forensic investigation, perfect accuracy is unachievable. Treat all unsolicited email with caution. The safest course of action is to confirm directly with the sender via an alternate communication method. Please do not reply to this report as it is sent from an unmonitored mailbox.
Comments