A Suspicious Email and Professionalism

xiny

Working at a bank we sometimes get random suspicious emails (with suspicious attachments) from legitimate banks whom we do not work with. Thank god we have an effective Security Awareness Training Program.


We got one such Email today and I was wondering would it be unprofessional to contact that banks Information Security Officer and let them know of the situation, perhaps they are unaware and need to look into a possible email breach, or perhaps I should just blacklist their domain and move on.

What do you guys think?

Akaricloud

I don't see how that would do any harm or be unprofessional. Many bank websites have sections to report this kind of suspicious activity, it's clearly a major concern for them.

dave0212

If the headers show it is actually from them, then I would forward the details to them to investigate, I definitely wouldn't consider it unprofessional. I regularly contact legitimate companies whose sites are hosting phishing pages buried deep within there file structure, I have also contacted banks with fraud attempts where I have account numbers to get them investigated.

Most banks have contacts for suspicious email, just send to them.

successrealm

Yes, I would notify them.

(Describe the email, I wouldn't forward the email. Some people WILL click on any links, anyway....It takes one dittohead, just one) They can investigate.

xiny

Thank you for your suggestions. What I'm going to do not is try to get Header Information for this email before I contact them.

xiny

Okay, so I called them and asked for their Information Security Officer, the receptionist asked if it where in regards to an email. I said yes, and they said they have already received multiple calls regarding suspicious emails and are looking into it.

Sounds like a bad week for their IT Department.

I appreciate everyone's response, I'll remember this for next time.