I’ve received reports about scams like the one featured in this blog post. The scammers have cleverly reproduced the domain and email address, making it look like the email legitimately originates from BT. The result is a well crafted alert that could easily dupe a concerned business leader trying to understand the status of sensitive data following WCry.
Cyber criminals have been known in the past to take advantage of situations like this to design new phishing campaigns.
If you receive one of these emails do not click on any links and instead, go to the BT website directly and log in from there.
However, companies are sending out legitimate emails of reassurance in connection with the recent cyber attack, if in doubt contact them directly on a method other than the email you have received.
Remember that fraudsters can “spoof” an email address to make it look like one used by someone you trust. If you are unsure, check the email header to identify the true source of any such communication.
We are not out of the ETERNALBLUE woods yet. Stay sharp.
Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.