Suspicious activity

This week began with an unexpected invitation from a specific iPhone to connect to my email account. That’s strange, I thought, and instantly dismissed it. But the question lingered with me all day: who would want to access my email account and why?

I am not the wealthiest person alive, and my resources are not worth gaining, as far as I am aware. Eventually, I changed my password and went about my day.

Today, I was once again blown away by something. A WordPress user claiming to be a renowned physician informed me he wanted to make an investment proposal in Romania. He appeared to be a serious man, and I took his words for granted.

I was preparing to talk with one of my supervisors from the consulting firm where I work because he seemed credible and we might be able to help.

The next thing I know, I receive an investment offer email. See below:

I was surprised to see that an actual respectable individual with important milestones online engages in such actions. And, really, who sends money to these people in the first place? I guess I didn’t expect to see one online, let alone on WordPress.

No, I didn’t reply to the email as James Veitch would have suggested; I could have written a comment in WordPress, lol.

Another strange activity I witnessed at my former position was ex-customers passing around ZIP documents protected with a password, ostensibly locked to protect the information contained within. We had to open customer emails on a regular basis, which did not appear to be fraud at first.

According to ZDNet, unlocking the document will enable macros and execute the commands for the next stages of the attack, which ultimately uses PowerShell to install a remote access tool onto the system, as well as mechanisms to ensure persistence.

This could simply be information theft, or it could be part of a larger plan in which attackers monitor the inbound and outbound emails from a compromised user to determine who they communicate with, then potentially use another phishing attack to compromise additional users from the initial account.
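The following is an added example, not part of the original post or the ZDNet report: a defender-side triage sketch that flags email attachments matching the pattern described above (a password-protected ZIP, possibly holding a macro-capable Office file) without needing the password. The function names, extension list, addresses and the sample message are assumptions constructed for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Office extensions that can carry macros (illustrative, not exhaustive).
MACRO_EXTS = (".doc", ".docm", ".xls", ".xlsm", ".xlsb", ".ppt", ".pptm")
ENCRYPTED = 0x1  # bit 0 of a ZIP entry's general-purpose flags


def inspect_zip(data):
    """Return (encrypted_names, macro_capable_names) without a password.

    Entry names sit in the central directory, which standard ZIP
    encryption leaves readable, so nothing has to be decrypted.
    """
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        infos = zf.infolist()
    enc = [i.filename for i in infos if i.flag_bits & ENCRYPTED]
    macro = [i.filename for i in infos
             if i.filename.lower().endswith(MACRO_EXTS)]
    return enc, macro


def triage(raw_email):
    """List ZIP attachments a mail scanner cannot open or that hold macro files."""
    msg = message_from_bytes(raw_email, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        data = part.get_payload(decode=True) or b""
        if not zipfile.is_zipfile(io.BytesIO(data)):
            continue
        enc, macro = inspect_zip(data)
        if enc or macro:
            findings.append({"attachment": part.get_filename(),
                             "encrypted": enc, "macro_capable": macro})
    return findings


def build_sample():
    """Constructed sample: email with a ZIP whose single entry is marked encrypted."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("invoice.docm", b"placeholder, not a real document")
        zf.filelist[0].flag_bits |= ENCRYPTED  # set flag in central directory
    msg = EmailMessage()
    msg["Subject"] = "Payment details"
    msg["From"], msg["To"] = "sender@example.com", "me@example.com"
    msg.set_content("Please see the attached archive.")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="zip", filename="payment.zip")
    return msg.as_bytes()
```

Calling `triage(build_sample())` returns one finding for `payment.zip`. An archive whose entries are encrypted cannot be scanned by a mail gateway, which is why this combination is worth quarantining for manual review.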

That email was opened by several people, including myself. Within seconds of opening the email and inputting the password, the browsers were functioning strangely, everything was in slow motion, and there was nothing I could do about it. I ultimately reinstalled the Windows pack and got everything protected by a new antivirus.

Dealing with suspicious emails and phone scams

With the pandemic, hackers are omnipresent, and everything appears to be an opportunity to them: offers to connect to your mobile device, requests to send money to a random bank, and even payment information that is password-protected. These fraudsters, believe it or not, lurk in plain sight and utilize real-world issues to draw you into their scam.

Protect your email with a strong password that is at least 12 characters long and includes lowercase and uppercase letters, special symbols, and numbers. Don’t place your confidence in random people online who appear to be legitimate. If you open questionable emails, run a full scan. At the end of the day, no one is ready for these assaults, and it’s best to be prepared at all times.