Subject: "Forwarded Message-Past Due Invoice"
Some phishing attempts are more sophisticated than a simple file-sharing message. Malicious actors may create elaborate email chains to make it appear as though you or your department has previously communicated with them. The example below includes several fictional messages embedded within the phishing email to enhance its legitimacy. The email also contained a malicious attachment that compromised the recipient’s device upon download.
Clues:
- The use of capital letters and the generic domain (@consultant.com).
- The fictitious prior correspondence.
- The large monetary amount.
What should I do if I receive a similar email?
If you receive a suspicious invoice and you are in any way unsure of the sender, message, or file, please do not click on anything in the message. Instead, report the email to IT using the Phish Alert Button:
If an email seems to reference correspondence with other TMU employees with whom you are unfamiliar, please verify their identity with your supervisor.
