[Michlib-l] taxpayer and voter e-mail

Jeff Godin jgodin at tadl.org
Fri May 19 14:50:00 EDT 2017


With the variations reported so far, these "Dear Library Director" emails
could be many things, but one possibility is that they are part of a
semi-targeted phishing / social engineering campaign.

After replying with details of the next library board meeting, the next
message may be along the lines of "Thank you! Looking forward to next
week's board meeting! Attached is a document with a preview of the issues I
intend to raise during public comment. The password is..." or "I have
shared the following file with you via [service]"... where the document /
link in questions would be malicious.

A more patient actor would string you along for a decent amount of time
before delivering the exploit attempt.

I'd advise an extra dose of caution if you choose to proceed further with
the email in question.

-jeff
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail3.mcls.org/pipermail/michlib-l/attachments/20170519/96509b86/attachment.html>


More information about the Michlib-l mailing list