DHS Email Phishing Scam

Original release date: June 18, 2019

The Cybersecurity and Infrastructure Security Agency (CISA) is aware of an email phishing scam that tricks users into clicking on malicious attachments that look like legitimate Department of Homeland Security (DHS) notifications. The email campaign uses a spoofed email address to appear like a National Cyber Awareness System (NCAS) alert and lure targeted recipients into downloading malware through a malicious attachment.

CISA encourages users and administrators take the following actions to avoid becoming a victim of social engineering and phishing attacks:

Be wary of unsolicited emails, even if the sender appears to be known; attempt to verify web addresses independently (e.g., contact your organization’s helpdesk or search the internet for the main website of the organization or topic mentioned in the email).
Use caution with email links and attachments without authenticating the sender. CISA will never send NCAS notifications that contain email attachments.
Immediately report any suspicious emails to your information technology helpdesk, security office, or email provider.

This product is provided subject to this Notification and this Privacy & Use policy.

Source link

admin

Next ISC Releases BIND Security Updates »

Previous « Microsoft Releases June 2019 Security Updates

This website uses cookies.

DHS Email Phishing Scam

Recent Posts

Palo Alto Networks Emphasizes Hardening Guidance

Citrix Releases Security Updates for NetScaler and Citrix Session Recording

CISA Releases Three Industrial Control Systems Advisories

CISA Adds Four Known Exploited Vulnerabilities to Catalog

Guidance: Framing Software Component Transparency: Establishing a Common Software Bill of Materials (SBOM)

CISA Adds Three Known Exploited Vulnerabilities to Catalog