I received an odd email today purporting to be from a large national company, who we have done work for in the past.
- The message identifies our company.
- It identifies certain files related to some past projects that are claimed to be exposed on the Internet.
- The domain is legit, the email addresses could be from that company.
- All of the contact phone numbers are offshore.
- The information portion of the message looked like an email but it is an image, not text.
- As far as we know this company was not involved in the projects identified but are projects we worked on.
- There is no information identifying the server by DNS or IP address.
- There is no information identifying the nature of the exposure like an open port or some protocol.
I have in the past received notices from an ISP identifying open ports, but they included specific information about the issue.
Bookmarks