How Cybercriminals tried to steal our companies account details

Phishing (pronounced: fishing) is an attack that attempts to steal money or your identity, by getting you to reveal sensitive personal data such as bank details, credit card numbers or usernames, and passwords. The Cybercriminal's typical tactic is to pretend to be a reputable company, friend, or acquaintance in a fake message, which contains a link to a phishing website.

This is what our team at YNOT Consulting Services experienced in the early hours of today. Luckily, our expert personnel was able to identify the email, investigate it safely and handle it appropriately

Scenario

Early in the morning, our team received an email that looked like a legitimate client’s email that contained an HTML attachment. It had a subject line of "The Remittance Advice for your Invoices is Attached.” Our team immediately found this email suspicious and started investigating due to:

1

The domain that the cybercriminal was using was a suspicious domain that we don't have any relations with.

2

The cybercriminal was sending an “Invoice”. We have not had any previous interaction or purchases with this email domain for them to be sending us an invoice.

3

The cybercriminal sent a pdf and a not secure link asking us to input our credentials before viewing.


This rang alarm bells and our team instantly knew what was happening.

We then analyzed the HTML attachment and found that it directs the user to a "fake" Microsoft Account page to collect the user's Microsoft credentials

Not the only ones

We found that this email was automatically sent and was not only targeting us but many other companies around our region as well. We urge anyone that received a similar email to change their Microsoft Account’s credentials and enable Multi-Factor Authentication (MFA). We will be contacting the companies near us and warning them to keep an eye out for this type of scam.

How to better protect yourself from Cyber-scammers

Think before you click hyperlinks
Don't click links in emails or messages unless you know who the sender is You can check where a hyperlink directs by hovering your mouse over it. Don’t click on the link if you don’t recognize the website.

Check if emails and messages look legitimate
If you receive an email that may seem suspicious to you, make sure to check that:

  • it looks legitimate
  • it is addressed to you (not sir/madam)
  • it is addressed to you (not sir/madam)
  • double-check the domain the email was sent from (@legitimateemail.com)
  • there are no spelling mistakes
  • there are no faded or blurry images or company logos


If you think you may have received a scam email, text message, or social media message, you can:

  • block the sender
  • delete the message or email

Thanks for reading! I hope that I was able to give a better insight into cyber security threats and how our team at YNOT Consulting handled an attack on us. We wish for all of you to be safe online and stay aware of all the new online scams that they may come up with.


Author: Ian Dela Cruz
Published on 29/06/2023 : 14:55

At YNOT, we are committed to making the process as easy and stress-free as possible.

Contact Us
  • ABN: 82 614 082 183
  • Phone: (02) 5134 4968
  • Email: [email protected]
  • Address: 103/32 Mort St, Braddon ACT 2612

Useful Links

Our Services

Our Application Library

©YNOT Consulting Services 2024 All rights reserved.