A Suspicious Email and Professionalism
xiny
Member Posts: 46 ■■□□□□□□□□
Working at a bank we sometimes get random suspicious emails (with suspicious attachments) from legitimate banks whom we do not work with. Thank god we have an effective Security Awareness Training Program.
We got one such Email today and I was wondering would it be unprofessional to contact that banks Information Security Officer and let them know of the situation, perhaps they are unaware and need to look into a possible email breach, or perhaps I should just blacklist their domain and move on.
What do you guys think?
We got one such Email today and I was wondering would it be unprofessional to contact that banks Information Security Officer and let them know of the situation, perhaps they are unaware and need to look into a possible email breach, or perhaps I should just blacklist their domain and move on.
What do you guys think?
"Hacking is like sex. You get in, you get out, and hope that you didn't leave something that can be traced back to you."
Comments
-
Akaricloud Member Posts: 938I don't see how that would do any harm or be unprofessional. Many bank websites have sections to report this kind of suspicious activity, it's clearly a major concern for them.
-
dave0212 Member Posts: 287If the headers show it is actually from them, then I would forward the details to them to investigate, I definitely wouldn't consider it unprofessional. I regularly contact legitimate companies whose sites are hosting phishing pages buried deep within there file structure, I have also contacted banks with fraud attempts where I have account numbers to get them investigated.
Most banks have contacts for suspicious email, just send to them.This week I have achieved unprecedented levels of unverifiable productivity
Working on
Learning Python and OSCP -
successrealm Member Posts: 104 ■■□□□□□□□□Yes, I would notify them.
(Describe the email, I wouldn't forward the email. Some people WILL click on any links, anyway....It takes one dittohead, just one) They can investigate. -
xiny Member Posts: 46 ■■□□□□□□□□Thank you for your suggestions. What I'm going to do not is try to get Header Information for this email before I contact them."Hacking is like sex. You get in, you get out, and hope that you didn't leave something that can be traced back to you."
-
xiny Member Posts: 46 ■■□□□□□□□□Okay, so I called them and asked for their Information Security Officer, the receptionist asked if it where in regards to an email. I said yes, and they said they have already received multiple calls regarding suspicious emails and are looking into it.
Sounds like a bad week for their IT Department.
I appreciate everyone's response, I'll remember this for next time."Hacking is like sex. You get in, you get out, and hope that you didn't leave something that can be traced back to you."