Oops! You got caught.
You have just entered your password on a phishing website. Your password could now be in the hands of cybercriminals.
In an email – allegedly from the service desk – you were informed that a lot of private data had been found on SQS user drives and that it would soon be deleted. You were provided with a link where you could back up your private data.
You could have easily seen through this particular attack based on the following points:
- The sender address was fake (firstname.lastname@example.org).
- The content of the email was very unusual. How does SQS know which data is private? And why should it be deleted all at once within a few days?
- The layout of the email was not familiar and did not indicate that it could be a real email from the SQS Service Desk.
- The website was also unprofessional and not trustworthy.
Note: This attack was part of an awareness training program. No data was transferred and no malware was installed.
Preventing the attack – Tips
Just clicking on a link in an email can put you and SQS at risk. Be wary of all emails that arrive in your inbox:
- Be suspicious: How does the sender know your address and why are you receiving the email?
- Check the plausibility.
- Don't just click on links – check first, then click.
- Never enter your password on unknown websites.
- If in doubt, please contact the Service Desk, Tel. +41 58 710 35 88.
Cyber criminals use a good story to try to get their victims to click on a link. The link takes you to a website somewhere on the Internet, where malware may be waiting to exploit existing vulnerabilities on your computer and cause a great deal of damage.
You were also asked to enter your SQS username and password on the website. The credentials end up on the attackers' infrastructure. They can, for example, use them to try to access SQS webmail and thus gain access to potentially sensitive information.