We received word today that there is a new round of phishing attacks aimed at employees at email service providers. The phish messages are carrying a payload of malware aimed at getting access to the email service providers system.
We first wrote about this phishing attack back in November of 2010.
Here is what we know to be happening this time around:
1. This does not appear to be a “new” attack: The phishers are using email addresses originally stolen in November of 2010.
2. The malware associated with this attack is bad: It is specifically aimed to gain access to critical systems at email companies. Be extra cautious with unfamiliar messages. Be sure to alert staff to the threat posed by phishing messages.
If you have any information, concerns, or questions, please contact us immediately at [email protected].