P2021-ND-306

On November 26, 2020, an employee with the Organization unknowingly clicked on a phishing link sent to her by email, which in turn allowed an unauthorized actor to gain access to the employee’s email account and subsequently send a phishing link to the employee’s contacts via email. The breach was discovered the same day after multiple emails were sent from the employee?s account, and various replies were received. The Organization reviewed all emails and determined that all of the emails were corporate email accounts.

File Type: pdf
File Size: 613 KB
Categories: 2021