I’ve received reports about scams like the one featured in this blog post. The scammers have cleverly reproduced the domain and email address, making it look like the email legitimately originates from BT. The result is a well crafted alert that could easily dupe a concerned business leader trying to understand the status of sensitive data following WCry.
Cyber criminals have been known in the past to take advantage of situations like this to design new phishing campaigns.
If you receive one of these emails do not click on any links and instead, go to the BT website directly and log in from there.
However, companies are sending out legitimate emails of reassurance in connection with the recent cyber attack, if in doubt contact them directly on a method other than the email you have received.
Remember that fraudsters can “spoof” an email address to make it look like one used by someone you trust. If you are unsure, check the email header to identify the true source of any such communication.
We are not out of the ETERNALBLUE woods yet. Stay sharp.