|
|
...
This email was intended to replicate a targeted campaign using a spoofed sender and information about a users departmentget users to question the request to input credentials into a non-LBL site. The link in the email directed to a non-LBL login page in order to tempt users to enter passwords. The fake employee Ingrid Peters was reused from the previous phish. Ingrid was added to the user directory to demonstrate the situation where an email address is spoofed or compromised. A phone number was added to Ingrid's directory entry that would be answered by security group.
Users were meant expected to notice that they were being asked to log in with LBL credentials to a non-LBL site as well as notice the reuse of the [email protected] address.
Sender: Ingrid Peters - [email protected]
...