For those that follow me and/or Sourcepass on LinkedIn and other social media platforms, you will have seen that we recently announced our TeamUp Partnership through Acronis with the Philadelphia 76ers.
Well, some bad guys must have taken note, as well.
Earlier today, I received an email with the subject line "Attached is the Remittance Advice for Sourcepass dated 1/18/2024." from a sender with a spoofed reply address of XXX@phl76ers.onmicrosoft.com.
I was pretty confident that it was our internal security team testing if I've been practicing good email anti-phishing habits, so I clicked on the "Report to Sourcepass" button in my mail browser which sent the email to our security team for review.
John from the team quickly got back to me and pointed out this was a perfect example of an email extortion attempt. The initial email attachment turned out to be harmless but was designed to have me reach back to them in which they would send further documents or links, presumably with a malicious payload.
Phishing Inspired by Social Posts: We Wary of What You Post!
Be aware that when you put news out on social media, people take notice - and not always the people you'd like to have notice. As always, the best email filter is a healthy dose of skepticism. Talk to us about ways to educate your users to spot similar emails and arm them with the ability to submit questionable emails for review.
Dave DelVecchio is the Sourcepass VP of Marketing and Communications. Reach out to Dave at (877) 678-8080.