Phishing and social engineering attacks are on the rise—83% of respondents to a new report from ProofPoint claim they were targeted by a phishing attempt at least once in 2018. 

While we at Newmind always harp on trends like that, it’s rare we actually encounter an attack in the wild. In February 2019, we caught one:

What happened:

On February 5th, many members of the Newmind Group team received this email, purporting to be from Matt, our CEO:

The sender email, circled in red, was the most obvious giveaway that the email was a hoax. Needless to say, the real Matt Vollmar is not sending emails under the name “tonykim197613”.

The sender had modified their sender name to display as “Matt Vollmar”, and their mailing domain to display as “newmindgroup.com”, and they asked for an urgent response to the email.

What makes this message scarier, is that the attacker was wise enough to add a “don’t call me” message, which would be a quick and easy way to sniff out the attack.

How we responded:

Within 10 minutes, Matt was notified by multiple members of the team that a suspicious email had been sent under his name. Within 20 minutes, Matt sent out a team-wide email assuring that the message did not come from him, and that it should be ignored.

In addition to the obvious signs that the email didn’t come from Matt, our team received automatic warnings from Google, that the email was of suspicious nature.

Your next steps:

Before clicking or responding to an unusual email like this, always inspect the details! That might include:

  • Sender Address
  • Email Domain

Attacks like this typically employ tactics like urgency and fear, to set your instincts off balance and prevent you from realizing it’s a phish until it’s too late. When in doubt, find another way to reach the person in question (phone, chat, or in person), and verify that they’re the one who is trying to reach you.