[Technology] One for the IT Security Geeks

[nwgull]

One to for the bearded, star wars t-shirt wearing brigade of NSC from someone with mediocre IT understanding:

Had a call from a new employee yesterday saying he was just responding to my email. I hadn't sent him an email, but he'd received a phishing email from an account with my name on it but a different domain name, which is why he thought a call was appropriate rather than responding to the email. This in itself didn't concern me as we often get these types of emails to addresses that have been harvested over the years and the staff are fairly savvy when it comes to responding to odd looking addresses or clicking on links. What does however concern me is that this guy is new to the company and his email account didn't even exist until just over a week ago, so his address has been harvested in a matter of days! Does this indicate a security breach somewhere, or is this possible?

Thanks in advance for all help.

 

[Dick Swiveller]

One to for the bearded, star wars t-shirt wearing brigade of NSC from someone with mediocre IT understanding:

Interesting way to endear yourself to those you are asking for help.

Reminds me of the bloke who once asked me if he could ask about his home computer before he asked an expert.

 

[RandyWanger]

I do have a beard, but I have never watched star wars

Has this employee updated their linkedin to say they work for you? It can be as easy as that and most companies will use first.lastname@ format. Pretty easy to guess. Bots trawling the internet can easily pick this info up.

 

[BBassic]

I do have a beard, but I have never watched star wars

Has this employee updated their linkedin to say they work for you? It can be as easy as that and most companies will use first.lastname@ format. Pretty easy to guess. Bots trawling the internet can easily pick this info up.

I was going to suggest the LinkedIn thing.

It's shockingly easy to do.

 

[usernamed]

One to for the bearded, star wars t-shirt wearing brigade of NSC from someone with mediocre IT understanding:

Had a call from a new employee yesterday saying he was just responding to my email. I hadn't sent him an email, but he'd received a phishing email from an account with my name on it but a different domain name, which is why he thought a call was appropriate rather than responding to the email. This in itself didn't concern me as we often get these types of emails to addresses that have been harvested over the years and the staff are fairly savvy when it comes to responding to odd looking addresses or clicking on links. What does however concern me is that this guy is new to the company and his email account didn't even exist until just over a week ago, so his address has been harvested in a matter of days! Does this indicate a security breach somewhere, or is this possible?

Thanks in advance for all help.

While it’s possible that something is harvesting email addresses from within the organisation, it’s far more likely that your new lad has just entered his new business email address onto LinkedIn (now owned by Facebook) without his privacy controls being well set up, and Facebook have immediately sold it on to absolutely everyone for absolutely any purpose.

Edit: I see I’m far from the first to suggest LinkedIn!

 

[Westdene Seagull]

One to for the bearded, star wars t-shirt wearing brigade of NSC from someone with mediocre IT understanding:

Had a call from a new employee yesterday saying he was just responding to my email. I hadn't sent him an email, but he'd received a phishing email from an account with my name on it but a different domain name, which is why he thought a call was appropriate rather than responding to the email. This in itself didn't concern me as we often get these types of emails to addresses that have been harvested over the years and the staff are fairly savvy when it comes to responding to odd looking addresses or clicking on links. What does however concern me is that this guy is new to the company and his email account didn't even exist until just over a week ago, so his address has been harvested in a matter of days! Does this indicate a security breach somewhere, or is this possible?

Thanks in advance for all help.

If he's been sent an email from what purports to be you then it's more to do with your email address being out in the 'wild' than his. It shows the importance of training people in recognising phishing. No security breach just as long as he didn't respond ( which by the sounds of it he didn't ) and just deleted the email. Always worth previewing an email before opening properly so that the scammer don't know it's been opened.

 

[ConfusedGloryHunter]

How is John Smith's first week going anyway?

 

[nwgull]

I do have a beard, but I have never watched star wars

Has this employee updated their linkedin to say they work for you? It can be as easy as that and most companies will use first.lastname@ format. Pretty easy to guess. Bots trawling the internet can easily pick this info up.

Wow, what a fantastically quick and well-informed response in general to my query! I obviously don't mean bearded star-wars t-shirt wearing geeks in a pejorative sense - geeks run the world these days and our club is bankrolled by a maths geek.

The employee in question has indeed already updated his Linkedin account, so I reckon this is the source of the email address and this post is probably the winner, which is actually reassuring.

Thanks to all that responded .

 

[Herr Tubthumper]

One to for the bearded, star wars t-shirt wearing brigade of NSC from someone with mediocre IT understanding:

Had a call from a new employee yesterday saying he was just responding to my email. I hadn't sent him an email, but he'd received a phishing email from an account with my name on it but a different domain name, which is why he thought a call was appropriate rather than responding to the email. This in itself didn't concern me as we often get these types of emails to addresses that have been harvested over the years and the staff are fairly savvy when it comes to responding to odd looking addresses or clicking on links. What does however concern me is that this guy is new to the company and his email account didn't even exist until just over a week ago, so his address has been harvested in a matter of days! Does this indicate a security breach somewhere, or is this possible?

Thanks in advance for all help.

Don’t forget the balding head and skinny pony-tail.

 

[maltaseagull]

How is John Smith's first week going anyway?

He should change his password from Password 1234 to Password 4321 just to be safe

 

[Springal]

While it’s possible that something is harvesting email addresses from within the organisation, it’s far more likely that your new lad has just entered his new business email address onto LinkedIn (now owned by Facebook) without his privacy controls being well set up, and Facebook have immediately sold it on to absolutely everyone for absolutely any purpose.

Edit: I see I’m far from the first to suggest LinkedIn!

Linkedin has been and is still owned by Microsoft since 2016

 

[usernamed]

Linkedin has been and is still owned by Microsoft since 2016

How bizarre, I was 100% certain it was one of the businesses Facebook had snapped up when it went on its social media acquisition spree. I was wrong, and stand corrected.

 

[£1.99]

He should change his password from Password 1234 to Password 4321 just to be safe

WOW! What a coincidence. I have just done the very same thing!

 

[nwgull]

Don’t forget the balding head and skinny pony-tail.

If I was after a record producer or someone to manage my band, then that's who I'll be after. For IT, I'd be suspicious of the expertise of someone without a beard and cavalier attitude to personal hygiene.

 

[AmexRuislip]

One to for the bearded, star wars t-shirt wearing brigade of NSC from someone with mediocre IT understanding:

Had a call from a new employee yesterday saying he was just responding to my email. I hadn't sent him an email, but he'd received a phishing email from an account with my name on it but a different domain name, which is why he thought a call was appropriate rather than responding to the email. This in itself didn't concern me as we often get these types of emails to addresses that have been harvested over the years and the staff are fairly savvy when it comes to responding to odd looking addresses or clicking on links. What does however concern me is that this guy is new to the company and his email account didn't even exist until just over a week ago, so his address has been harvested in a matter of days! Does this indicate a security breach somewhere, or is this possible?

Thanks in advance for all help.

 

[swd40]

If he's been sent an email from what purports to be you then it's more to do with your email address being out in the 'wild' than his. It shows the importance of training people in recognising phishing. No security breach just as long as he didn't respond ( which by the sounds of it he didn't ) and just deleted the email. Always worth previewing an email before opening properly so that the scammer don't know it's been opened.

This ^.

Smells more likely someone new to your org has just got their first bit of spam from your compromised email address. Not their fault at all.

Don't use work email address, when signing up for those mucky websites i would say.

 

[Gabbafella]

I was going to help, but then you insulted my Star Wars t-shirt.

 

[Herr Tubthumper]

If I was after a record producer or someone to manage my band, then that's who I'll be after. For IT, I'd be suspicious of the expertise of someone without a beard and cavalier attitude to personal hygiene.

And don’t forget the nervousness and sweating when dealing with a female colleague.

 

[Brighthelmstone]

He should change his password from Password 1234 to Password 4321 just to be safe

Don't forget to then write it down and stick it on the side of the monitor as well. (depressingly common occurrences where i work!)

 

[studio150]

Don't forget Jennifer Arcuri is your go to person for computer training (Highly recommended by Mr Johnson, London)