Phish Alert: RFP Campaign & Voicemail
June 24, 2021
Please be aware of two ongoing Phishing campaigns targeting the Housing Sector

Fake RFP Campaign

Unknown attackers are using an email with an RFP package/proposal to trick people into visiting document hosting sites that are seeded with malicious links. From here, users may be redirected to another website and then prompted to enter their Username and Password. This allows the attacker to gather the credentials of the visiting user.

Several organizations, both vendors and housing providers, have had accounts compromised in this way. In most of these situations, the attacker was actively monitoring the e-mail box, and responded to e-mail inquiries about the validity of the email.

 

Voicemail

Unknown attackers are sending emails indicating there is a voicemail waiting your attention. When users click the link to access it, they are prompted for their username and password. This allows the attackers to collect the credentials of the user.

 

As always, we encourage everyone to remain vigilant and if you have received a similar email or are concerned you may be affected, please follow your organization’s Phishing Report process and/or contact your IT Provider.

Please help us improve our website by providing your feedback

Please help us improve our website by providing your feedback