News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • Patch Lady – yeah right pull the other one

    Posted on April 4th, 2019 at 00:35 Susan Bradley Comment on the AskWoody Lounge

    So an email comes into the office and at this time of year we will often get files.  The email is spoofing a person that normally has emailed our firm (it’s a person who is in charge of our professional business society), and the email content isn’t that odd.  Another person in the office forwards it to me to deal with as I’m normally the one who deals with the annoying dropbox or cloud links.  I honestly got as far as clicking on the link…. it’s a sharepoint link from a Microsoft/Office 365 link.  <The virustotal report is here>  Given that the SharePoint site technically isn’t malicious it comes up clean.

    The page resolves and then it urges me to “select my email provider” and “use my email and password to authenticate”.  The ultimate url is branded a phishing site…but not a lot of a/v vendors!!  <The virustotal report is here>

    Needless to say I did not.  But man…. 250% increase in phishing …no kidding.  And some of it hosted on Microsoft’s SharePoint sites no less.