This morning, that was me! \u00a0 And, even as hyper-aware as I am, I still *nearly* clicked on it.<\/p>\n
![\"\"](\"http:\/\/kinetics.co.nz\/wp-content\/uploads\/2019\/06\/phishing.jpg\")
<\/p>\n
Thankfully (or rather – thanks to Microsoft ATP) , the message ‘unsafe attachments blocked’ was a good warning.<\/p>\n
Then of course, a closer inspection tells the story – firstly, our voice messages look very different to this, AND we haven’t changed the system lately, and thirdly, that email address is really suspect.<\/p>\n
The point is, even though those clues are VERY obvious,\u00a0 the busier you are, the more vulnerable you are.<\/strong> \u00a0 The more layers of security we can add, the more risk we can reduce (but alas, never eliminate)<\/p>\n <\/p>\n Then I received this little beauty \u2026\u00a0 its just the ‘admin-alerts’ in the email source that stands out – everything else looks legitimate.<\/p>\n <\/p>\n <\/p>\n If you then follow the link, say to look at the quarantine page\u00a0(which, by the way, is spelt incorrectly in the email), it takes you to a page that looks legitimate, where you would enter your login details to access the logs – which almost seems sensible, except again the URL of the page is clearly false.<\/p>\n <\/p>\n Very sneaky and almost looks legitimate.\u00a0 You have to be so careful.<\/strong><\/p>\n However, using a tool like “message header analyser”, you can quickly see there is nothing legitimate about it.<\/p>\n Please be on your guard!<\/strong><\/p>\n <\/p>\n <\/p>\n [\/et_pb_text][\/et_pb_column][\/et_pb_row][\/et_pb_section]<\/p>\n","protected":false},"excerpt":{"rendered":" You are most vulnerable when you are busy, frantically jumping from call to call, meeting to meeting, distraction to distraction. \u00a0 So when you get a dodgy email,\u00a0 it’s very easy to open it. This morning, that was me! \u00a0 And, even as hyper-aware as I am, I still *nearly* clicked on it. Thankfully (or […]<\/p>\n","protected":false},"author":5,"featured_media":1716,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"on","_et_pb_old_content":"You are most vulnerable when you are busy<\/strong>, frantically jumping from call to call, meeting to meeting, distraction to distraction. \u00a0 So when you get a dodgy email,\u00a0 it's very easy to open it.\n\n[header2 text=\"This morning, that was me! \u00a0 And, even as hyper-aware as I am, I still *nearly* clicked on it.\" align=\"left\" color=\"#336A40\" margintop=\"\"]\n\n![\"\"](\"http:\/\/kinetics.co.nz\/wp-content\/uploads\/2019\/08\/SneakyPhishing.jpg\")
<\/a><\/p>\n<\/a><\/p>\n<\/a><\/p>\n\n\nThankfully (or rather - thanks to Microsoft ATP) , the message 'unsafe attachments blocked' was a good warning.\n\nThen of course, a closer inspection tells the story - firstly, our voice messages look very different to this, AND we haven't changed the system lately, and thirdly, that email address is really suspect.\n\nThe point is, even though those clues are VERY obvious,\u00a0 the busier you are, the more vulnerable you are.<\/strong> \u00a0 The more layers of security we can add, the more risk we can reduce (but alas, never eliminate)\n\n \n\nThen I received this little beauty \u2026\u00a0 its just the 'admin-alerts' in the email source that stands out - everything else looks legitimate.\n\n<\/a>\n\n \n\n[wow_spacing size=\"20px\"]\n\nIf you then follow the link, say to look at the quarantine page\u00a0(which, by the way, is spelt incorrectly in the email), it takes you to a page that looks legitimate, where you would enter your login details to access the logs - which almost seems sensible, except again the URL of the page is clearly false.\n\n \n\nVery sneaky and almost looks legitimate.\u00a0 You have to be so careful.<\/strong>\n\nHowever, using a tool like \"message header analyser\", you can quickly see there is nothing legitimate about it.\n\nPlease be on your guard!<\/strong>\n\n \n\n<\/a>\n\n \n\n<\/a>","_et_gb_content_width":"","footnotes":""},"categories":[4],"tags":[],"class_list":["post-3652","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/posts\/3652","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3652"}],"version-history":[{"count":0,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/posts\/3652\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/"}],"wp:attachment":[{"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3652"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=3652"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=3652"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}