cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Former Member
Not applicable
Report Inappropriate Content
Message 1 of 5

Pay Raise Phishing Scam - how do these work, possibly new technology from previous versions?

Jump to solution

We recently had another phishing attack ( we have since purchased a advanced threat protection for email)

But I am curious, in the past when we had employees that clicked these links and even though well educated, still added their network credentials, we would have them change their password and that would be the end of the spamming however, this last bout... we had 2 users who changed their passwords and it did nothing. we removed the rules and the rules would be placed back.   We had about 18 other employees who did this but with quick communication I was able to work with them to change their password and the rules to move the incoming emails to the deleted folder had not been created. The other two, time had lapsed between their providing their network activity and becoming victim of spam.

We attempted to clean the devices and run scans but nothing showed up so we rebuilt those two and they are now fine.

My concern is... how did these two get infected but the others did not?

My concern is a potential data breach if someone were to have physically been on the device but how would we know that? Our exchange server shows the only activity came from an Outlook client so its not like they physically went into the mailbox using OWA.  This is confusing

1 Solution

Accepted Solutions
selvan
McAfee Retired
McAfee Retired
Report Inappropriate Content
Message 2 of 5

Re: Pay Raise Phishing Scam - how do these work, possibly new technology from previous versions?

Jump to solution

Moved to Advanced Threat Defense for better visibility

View solution in original post

4 Replies
selvan
McAfee Retired
McAfee Retired
Report Inappropriate Content
Message 2 of 5

Re: Pay Raise Phishing Scam - how do these work, possibly new technology from previous versions?

Jump to solution

Moved to Advanced Threat Defense for better visibility

Former Member
Not applicable
Report Inappropriate Content
Message 3 of 5

Re: Pay Raise Phishing Scam - how do these work, possibly new technology from previous versions?

Jump to solution

now I cant edit it

Re: Pay Raise Phishing Scam - how do these work, possibly new technology from previous versions?

Jump to solution

Sol,

Can you give a bit more detail about what happened?  It sounds like a link came through... was the link embedded in a file or directly in the email?  What type of file was it? 

Dave

Former Member
Not applicable
Report Inappropriate Content
Message 5 of 5

Re: Pay Raise Phishing Scam - how do these work, possibly new technology from previous versions?

Jump to solution

HI David,  thought I would respond to this... what I realized was that as long as the hacker has the email account open, they can continue to reset the rule when it is deleted and continue to do their mess. So the device was not infected, we just had a live hacker and had to wait for them to get out of the account. We did disable the account so it could not send or receive and eventually they got off.

We did purchase the ATD for email and that has helped a lot and we recently placed the McAfee ATD/TIE system and are working on pushing that out to all clients. Things are much better

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community