Gartner Blog Network


After WannaCry 1.0 comes the WannaScammer

by Jonathan Care  |  May 18, 2017  |  Submit a Comment

main-qimg-ba311e923ca7a5e847decede56c7379f-c
I’ve received reports about scams like the one featured in this blog post. The scammers have cleverly reproduced the domain and email address, making it look like the email legitimately originates from BT. The result is a well crafted alert that could easily dupe a concerned business leader trying to understand the status of sensitive data following WCry.

 

2017-05-18_12-13-41

 

Cyber criminals have been known in the past to take advantage of situations like this to design new phishing campaigns.

If you receive one of these emails do not click on any links and instead, go to the BT website directly and log in from there.

However, companies are sending out legitimate emails of reassurance in connection with the recent cyber attack, if in doubt contact them directly on a method other than the email you have received.

Remember that fraudsters can “spoof” an email address to make it look like one used by someone you trust. If you are unsure, check the email header to identify the true source of any such communication.

Additionally you should always update your endpoint protection software and operating systems regularly and follow our advice on how to deal with ransomware and aggressive cyberattack.

We are not out of the ETERNALBLUE woods yet. Stay sharp.

 

Category: breach  cybersecurity  

Jonathan Care
Research Director
1 years at Gartner
22 years IT Industry

Jonathan Care expertise includes payment systems, cybersecurity, fraud detection and prevention applications, authentication, identity proofing, identity theft, and insider threats. He also covers the PCI compliance program, tokenization and the security aspects of payment systems. Read Full Bio




Leave a Reply

Your email address will not be published. Required fields are marked *

Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.