The WV State Bar has been contacted regarding an email that contains a blue box with a yellow link that says “Review Document”. When you click on the link it then takes you to a fake “google sites” website and asks for you to login. It then collects your email and password and takes you to a blank page.
If you received and email that looks similar to the one below and did entered your email and password once at the link please change your password immediately.
Three important factors that you and your staff should pay attention to when opening an email:
- If you are not expecting a document from someone and receive one, contact that person directly to see id they are trying to send you something BEFORE YOU CLICK ON THE LINK IN THE EMAIL.
- Do not ever provide login credentials (username and password) on a website that has a different address other than google.com, microsoft.com, yahoo.com, etc. service that you are trying to login to.
– There are many websites that allow your to link your email account to their service but they will first provide you with a popup window or take you to a google or Microsoft addressed website when providing those credentials. - If you hover your mouse over the link it will show you the address in which it is trying to take you to. If it is suspicious do not click the link.
Suggested Mitigation/Prevention Strategy
Use Multi-Factor Authentication on all important logins. Below is a document with more information on what Multi-Factor Authentication is.
