Joanne had been at her new job for only a few days when she got an email from the IT department telling her there might be a problem with her account. A link in the email sent her to a Web page where she could enter her corporate username and password to maintain her computer access. “It looked official, so I went ahead and gave them my information," she says.
A few hours later, she got another email stating that hackers had forged the IT department’s email address. It said that anyone who visited the fake Web page from the email should change his or her password and report the incident immediately.
Joanne changed her password right away, but the damage had already been done. It had only taken a few minutes for the hacker to log into the company's computer system and install a program that gave him full control of the system. The hacker had control of the network for months and used it to launch attacks against other networks, relay massive amounts of spam, and distribute illegal software. “I feel so foolish,” Joanne says. "At least I wasn’t the only one that fell for it!”
To learn how to protect yourself from phishing emails at work, see Email - Phishing
Print view
Email to a friend
Submit to Reddit
Save to del.icio.us
Submit to Digg.com
Stumble It!