
Sohu's entire staff hit by a phishing email scam: a fake "Finance Department" wage subsidy notice; the CEO says only 50,000 yuan was lost

1. Email phishing has now hit an email service provider itself

A WeChat group chat record that surfaced recently shows that on the morning of May 18, all Sohu employees received an email from the "Sohu Finance Department" titled "Notice of May Employee Wage Subsidy". Many employees scanned the QR code as the attachment instructed and entered their bank account number and other details. In the end, not only did the promised subsidy never arrive, but the balance on their salary cards was transferred out.

2. How the fraud happened

In fact, this type of scam is not new: similar "wage subsidy" scams have occurred many times across the country since last year, and, ironically, Sohu News itself has reported on some of them; it is already a common form of online fraud.
The attackers obtain users' mailbox credentials by phishing, brute-force attacks and similar means, then use those accounts to send large volumes of scam emails inside the company (within the domain). The aim is to induce users to scan a QR code, open the phishing link and enter personal information (mainly bank card number, password, verification code and so on).

Compared with earlier SMS scams, "wage subsidy" email scams have a much higher success rate, mainly because an email carrying the corporate domain and apparently sent by a company department wins employees' trust far more easily. The address the Sohu employees received this email from was an internal one; the likely explanation is that an employee's mailbox was compromised and, once hijacked, used to mass-mail the whole company.

This kind of crime requires knowledge of management defects or security vulnerabilities in the target company's email system, planting "viruses" to obtain data. Email security should in fact already be a consensus concern for enterprises: data shows that 90% of hacker attacks use the mailbox as the point of entry, and email is directly tied to enterprise security.

3. Sohu's response

Sohu acted quickly after the incident, immediately deleting the emails in question and having its ES department collect the details of the defrauded employees and file a report with the local police station. On the morning of the 25th, Zhang Chaoyang, chairman and CEO of Sohu, posted on his personal Weibo account that the total loss was under 50,000 yuan.

For a company as prominent as Sohu, an incident like this is undoubtedly embarrassing.

4. Do you believe the "50,000 yuan" explanation?

Whatever the sum stolen this time, the incident exposed weaknesses in Sohu's internal information security management. For any enterprise, improving email security and strengthening internal information security is a major task.

Beyond strengthening filtering and anomaly alerting mechanisms, companies also need to step up information security awareness training so that employees can reliably recognise phishing and impersonation emails. Some companies have previously sent deliberate phishing emails to train employees' anti-fraud awareness, giving training and fines to those who clicked.
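As an added illustration (not from the article) of the "filtering and anomaly alerting" the author calls for: a small Python check over constructed mail-gateway log lines that flags an internal mailbox behaving like the hijacked account described above, a sudden burst to many domain recipients carrying a wage-subsidy lure with an attachment. The log format, domain, finance allowlist and thresholds are assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Hypothetical gateway log format: "time|sender|recipient|subject|attachment".
# Lines are constructed; BURST mimics a hijacked mailbox mass-mailing the
# domain with a "wage subsidy" notice, as in the incident described above.
NORMAL = ["2022-05-18 08:01:03|zhang.san@corp.example|li.si@corp.example|项目周报|0",
          "2022-05-18 08:05:40|finance@corp.example|all@corp.example|5月报销截止提醒|1"]
BURST = [f"2022-05-18 08:1{i // 10}:{i % 10:02d}|wang.wu@corp.example|"
         f"u{i:03d}@corp.example|5月份员工工资补助通知|1" for i in range(60)]
LOG_LINES = NORMAL + BURST

INTERNAL_DOMAIN = "corp.example"
FINANCE_SENDERS = {"finance@corp.example"}          # assumed allowlist
LURE_RE = re.compile(r"工资|补助|补贴|salary|subsidy|bonus", re.I)
WINDOW, MAX_RECIPIENTS = timedelta(minutes=10), 20   # assumed thresholds

def parse(line):
    ts, sender, rcpt, subject, att = line.split("|")
    return datetime.strptime(ts, "%Y-%m-%d %H:%M:%S"), sender, rcpt, subject, att == "1"

def find_suspicious_senders(lines):
    """Return {sender: [reasons]} for internal senders that look hijacked."""
    by_sender = defaultdict(list)
    for rec in map(parse, lines):
        if rec[1].endswith("@" + INTERNAL_DOMAIN):
            by_sender[rec[1]].append(rec)
    alerts = {}
    for sender, recs in by_sender.items():
        recs.sort()
        reasons, start, peak = [], 0, 0
        # Burst check: peak number of distinct recipients in any sliding window.
        for end in range(len(recs)):
            while recs[end][0] - recs[start][0] > WINDOW:
                start += 1
            peak = max(peak, len({r[2] for r in recs[start:end + 1]}))
        if peak > MAX_RECIPIENTS:
            reasons.append(f"{peak} distinct recipients within {WINDOW}")
        # Impersonation check: finance-themed lure with attachment from a
        # mailbox that is not an approved finance sender.
        lures = [r for r in recs if LURE_RE.search(r[3]) and r[4]]
        if lures and sender not in FINANCE_SENDERS:
            reasons.append(f"finance lure with attachment: {lures[0][3]!r}")
        if reasons:
            alerts[sender] = reasons
    return alerts

if __name__ == "__main__":
    for sender, why in find_suspicious_senders(LOG_LINES).items():
        print(sender, "->", "; ".join(why))
```

Either signal alone is a reason to hold the message for review; both together on one sender is the pattern of an account takeover rather than a legitimate HR mailing.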

5. Netizens' comments

It is worth noting that Sohu, one of China's four traditional web portals, is also one of the country's largest email service providers thanks to its own mailbox service. Once the incident came out, many netizens mocked it as "an internet company that got its own house robbed", and it became dinner-table gossip.


This article was written by 数字化转型网 (www.szhzxw.cn) from publicly available material. Author: 木铎, 数字化转型网; editor/translator: 默然, 数字化转型网.


Disclaimer: The content of this website (http://www.szhzxw.cn/) comes mainly from original work, partner media contributions and third-party submissions; all information appearing on this website is for reference only. This website will do its best to ensure the accuracy and reliability of the information it provides, but does not guarantee the accuracy or reliability of such material; readers should verify it further before use and are responsible for any decisions they make on their own. This website accepts no legal liability for errors, inaccuracies or omissions arising from such material.
The copyright of all content published on this website (including but not limited to text, images, logos, audio, video, software and programs) belongs to the original authors. Any organisation or individual that believes content on this website may infringe their intellectual property rights or is untrue should promptly notify this site so that it can be removed.

