Unorthodox Phishing Attempt Seeks Email Password

Dermot SmythSecurity and Compliance Officer
Published:
Phishing attempts can come in all forms, shapes and sizes. No matter how familiar you think you are with them, always remember to take extra precaution when opening an email with attachments or links.

Phishing Attempt


Phishing attempts can come in all forms, shapes and sizes. No matter how familiar you think you are with them, always remember to take extra precaution when opening an email with attachments or links. An interesting phishing attempt was recently sent from a school domain that appeared to be VetMeds. The subject line of the email was titled "Assessment document" which featured an attached "encrypted" PDF document that required an email address and password to log in (ref image 2). The attached PDF document was produced with Microsoft Word. The document included a link that indicated it was encrypted and that the recipient needed to click the link in order to decrypt the PDF. Once the PDF was decrypted the link pointed to chai[.]myjino[.]ru which presents a screen with a pretend PDF behind it and a login box that gladly accepts. Updated versions of Acrobat will always ask the recipient before proceeding to a rogue website (ref image 3).

The interesting thing about this particular phishing email is that a VetMeds assessment was the bait, however the masked document at the Russian website is for a SWIFT transaction, there appears to be a mix up with messages.

Fake PDF Example
Image 1

Fake PDF Two, email and password request
Image 2 

PDF Warning for offsite links
Image 3 

Things to be Wary of


Be highly suspicious of emails from domains that do not correspond with its contents. A PDF encrypted email does not work this way, the recipient is never asked for their email address and password. Lastly, always be wary of emails that request personal information such as passwords or bank information, no legitimate body will ever ask for this kind of information over an email. Check out our video on PDF encryption to learn more!

 
1
1,609 Views

Comments (0)

Have a question about something in this article? You can receive help directly from the article author. Sign up for a free trial to get started.