Attackers send these emails, generally to a large number of recipients, to collect
credentials. Occasionally, attackers will craft very specific, targeted messages
unique to the recipient. This is referred to as "spear-phishing."
Attackers can use these credentials for several reasons, depending on what credentials
Email account credentials are collected so that attackers can use your email address
to send phishing messages, sometimes to people you have previously communicated with
Financial account credentials are used to perpetrate financial fraud and/or steal
Campus or other business/work related credentials are most often collected to attempt
to steal intellectual property, or to infiltrate the organization
What can you do to help?
Send the email to firstname.lastname@example.org, however, forwarding the email is not sufficient! Obtaining a copy of the original
email allows us to analyze various things about the message, like what route the message
took, who actually sent it, etc.
To send the message as an attachment:
Open your Outlook email client
Select the message in your messages list
In the top menu on the “Home” tab, click “More” in the "Respond" section
In the drop-down menu select “Forward as Attachment”