本文介紹的惡意郵件是屬於社交工程攻擊的一種,目的是取得使用者的帳號密碼,以進行更深入的攻擊,藉由虛假連結騙取使用者輸入帳號密碼,本文會去除惡意郵件中所有連結與隱私訊息。
收到此類郵件時,若不確認是否是真實郵件,請檢查下面項目:
1. 寄件者是否與聲稱信箱已滿的服務組織相同或有關連?
2. 檢查內文中所有的連結是否與上述組織有關連?
3. 不點擊任何郵件內的連結,打開瀏覽器手動登入自己的 webmail,確認是否有郵件內聲稱的問題。
只要任何項目有疑慮,就應該將此郵件認定為惡意郵件。
以下是郵件的原始內文,已去除全部連結與隱私項目,原本有連結的部分則標示為藍色。
======================================
99% 100%
Your xxxxxxxx.com mailbox has now significantly exceeded the limit assigned to you. Emails sent to you when your mailbox is in this state are not delivered and each sender should receive a notification of that fact.
Please take action to ensure that your mailbox is brought back under the limit.
What should you do?
Please login to your webmail via storage link to xxxxxxx@xxxxxxxx.com 's portal here.
https;//sso-mail.xxxxxxxx.com/webmail?storage=xxxxxxx@xxxxxxxx.com
Once logged in you will either need to delete any emails that you no longer need or archive emails that you wish to retain and then delete the originals.
Do you need more information?
We have some helpful information on the intranet regarding email settings.
Follow this link: https;//xxxxxxxx.com
--
xxxxxxxx.com Support Department
This message is generated automatically by the server when you exceed the assigned capacity of your mailbox. Please follow the instructions in the email to resolve this issue or contact your xxxxxxxx.com network administrator.
======================================
沒有留言:
張貼留言