P2019-ND-121

On September 11, 2018, an employee completed a fraudulent web-form based on an email which appeared to be from a trusted party. The information provided by the employee allowed a malicious actor to change the email account settings for that employee to activate forwarding of all incoming email. The incident was discovered on December 3, 2018, when an IT consultant identified the unauthorized forwarding email address during a routine review of spam reports.

File Type: pdf
File Size: 527 KB
Categories: 2019