Oops! You got caught.
You just installed a plugin on a fake website. This installation could have infected your computer with malware or sent confidential files to strangers on the Internet.
In an email you were informed about a security update from McAfee, which you need to install.
You could have easily seen through this particular attack based on the following points:
- SQS does not use McAfee at all and it is very unusual that you would be informed directly by a manufacturer about a security update.
- The sender was also forged (mcaffee.ch with double «f»)
- On the unknown website you were asked to install a «plugin». Such actions make it easier to install malware on your device.
Note: This attack was part of an awareness training program. No data was transferred and no malware was installed.
Preventing the attack – Tips
Just clicking on a link in an email can put you and SQS at risk. Be wary of all e-mails that arrive in your inbox:
- Be suspicious: How does the sender know your address and why are you receiving the e-mail?
- Check the plausibility.
- Don't just click on links – check first, then click.
- Never enter your password on unknown websites.
- If in doubt please contact the Service Desk, Tel. +41 58 710 35 88
Cyber criminals use a good story to try to get their victims to click on a link. The link takes you to a website somewhere on the Internet, where malware may be waiting to exploit existing vulnerabilities on your computer and causing a great deal of damage.