So you receive an unexpected e-mail from a stranger, with the subject of “Important Notice” and it contains an attachment. If you’ve received L2 Cyber Security Solutions Security Awareness Training, then you consign this phishing e-mail to junk/spam and move on with your life.
However, if you do open the file, you get what looks like a spreadsheet, but it needs you to log in to Microsoft Excel (for some reason).
The attachment was not a spreadsheet, but was in fact a web page type file (officially a HTML document) and it contains hidden computer code that will transmit any login details you give it to the evildoers who created this. Of course you have turned on two factor authentication for your e-mail … right? That means that even if you did enter your e-mail address and password into this sneaky phishing attack, you will be safe from your e-mail account being compromised because the criminals will need your phone to allow them access to your account. However now would be a good time to change your password anyway (just in case they get your phone).
If you fell for this and have not turned on two factor authentication on your e-mail account, then please go and change your password immediately. If you have used that password on other accounts (like Facebook, LinkedIn, PayPal, etc.), please go and change them all immediately too – and for the love of dogs, please turn on two factor authentication in whichever services provide it! It really will make you more secure.
Fortunately the website to where the details are transmitted has been blocked, but this just shows how creative the bad guys are. You can’t let your guard down for a moment. They are always trying to compromise you.
And lets be careful out there!