IT Service Blog

Tuesday, Jun 29, 2010 6:12 PM

Be On Guard Against Social Engineering

By Corban Brent

(2 comments)

This is a reminder to all Zypes customers that e-mail phishing is increasingly becoming a threat to the security and privacy of your networks.

We have recently become aware of a phishing scam that purports to be from Zypes Support. The email states:

Hello,

We received your request to reset your zypes.com password. To confirm your request and reset your password, follow the instructions below. Confirming your request helps prevent unauthorized access to your account.

If you didn't request that your password be reset, please follow the instructions below to cancel your request.
CONFIRM REQUEST AND RESET PASSWORD
Click on the following web address:

https://zypes.com/EmailPage.srf?emailid=mail/?shva=1#inbox/12983ccaa8732d93 (We have changed the URL targets to fun a site in this email as example)

CANCEL PASSWORD RESET

Click on the following web address:

https://zypes.com/EmailPage.srf?emailid=mail/?shva=1#inbox/12983ccaa8732d944  (We have changed the URL targets to fun a site in this email as example) 

Thank you,

zypes.com

NOTE: Please do not reply to this message, which was sent from an unmonitored e-mail address. Mail sent to this address cannot be answered.

If you receive an E-mail like this, DO NOT CLICK ON OR COPY LINK TO ADDRESS BAR - Please delete email a.s.a.p. This is a dangerous phishing scam and if you hover your curser over the highlighted link, a box will appear showing you the actual URL path of the link, which is not Zypes.  

(The actual URL points to a site other than Zypes. We have changed the URL targets to fun a site in this email as example.) Note that hovering your cursor over an address is not a guarantee of safety either, as web url’s can be spoofed.  When in doubt, throw it out.

It is good practice to never click links in email from known targets, such as paypal.com.  Always type these addresses in manually rather than clicking email links.

Clicking on the link can cause you major IT headache and could be financially devastating, allowing criminals to have access to sensitive information such as usernames, passwords and credit cards, which could take years to recover from.

Although we monitor for threats on your Networks, Criminals are becoming more and more creative and more determined to acquire access to your private information.  Social engineering (attacks targeted at end users) is the new frontier of internet security. This requires diligence on both the part of Zypes admin and our Clients, to have a safe and healthy IT environment for years to come.

Sincerely

Corban Brent

Account Manager

2 comments so far:

By outsourcing services

(Wednesday, Dec 1, 2010 6:15 PM)

some bad effects of social engineering is phising

By ben

(Monday, Jan 10, 2011 7:11 PM)

This is interesting. This sounds like a really big scam for Zypes to get your username and password.

Post a comment:

Archives: