Over the holidays and continuing into the new year we have been seeing unusually high SMTP traffic coming from outside the US. This increase in volume has been seen across many of our local government and public safety customers. With the rise of Emotet being shared via phishing emails, we highly recommend exercising increased caution when opening links or attachments in emails. If you are not expecting the email or the sender is pushing you to do something urgently, take time to look for other tell-tale phishing signs like misspelled words and unknown domain addresses.
An example of this traffic as shown on our Paladin interface can be seen in the image below highlighted in yellow.
When you do receive suspicious emails, be sure to report them to IT. The best way to get your IT contact all of the email information they need for forensics is to attach the original email to a new email explaining the situation to your IT consultant. In most email interfaces you can accomplish this by dragging the suspicious email from your inbox and dropping it into a new email. Remember to attach the email, rather than forwarding. If you do happen to accidentally click on something you think you shouldn’t have, disconnect your computer from your network and report the incident to IT right away. Prompt reporting and isolation can be the difference between one computer locked up vs. an entire department.
SecuLore Support Team