OK IT people, it looks like I got fooled by a phishing scam.
This morning I received an email from someone who works for one of our regular clients requesting a proposal. The email body looked exactly like what I'd normally expect, with all of the pertinent information I'd typicall see in an RFP. The email signature was correct, too. Furthermore, I had coincidentally just minutes before received a separate email from another person with that same company in response to a message I sent earlier this week inquiring if they had any upcoming work that we could price for them. So, long story short - I had no reason to believe this was a nefarious message.
As it turned out, when I clicked the link provided to access the proposal documents, it took me to OneDrive, but I got a message saying that the item did not exist or was no longer available. That's when I contacted the company that sent the request and was told that their email had been compromised and that they did not send this message.
So now I'm concerned about someone having a backdoor to my computer. We don't have in-house IT services, so I emailed our outsourced company but have not yet received a reply. In the meantime, I've disconnected my laptop from the internet.
What should I be concerned about? Are passwords saves in my web browser now potentially compromised?
Thanks in advance for any input offered.
|
Posted: 06/25/2020 at 3:03PM