All Ideas

Idea Details

Post an Idea
30  Points
Open
Idea has been posted. Give it an upvote or downvote.

Fake Salesforce email containing Trojan

Accounts & Contacts

All, 
One of our clients logged a case with us today stating that they received an email seemingly from their Salesforce org. They did not expect the email, nor did they recognize the format of the email, so they contacted us, their SF admin support team. A small bit of research yielded the conclusion that the email is a spam TROJAN VIRUS email that contains an installer link. I wanted to make the community aware of this.
 
Here is the email:
************************************************************************************************
Subject: ACTION REQUIRED: A document has arrived for your review/approval (Document Flow Manager) [WARNING: SPF validation failed] 
Importance: High 
 
This message is for the designated recipient only and may contain privileged, proprietary, or otherwise private information. If you have received it in error, please notify the sender immediately and delete the original. Any other use of the email by you is prohibited. 
 
Record ID: G7JAAYHHYJ38301 
 
Supplier: [I removed the hyperlink capability of the url below, AND removed a few lines from the address, but this link is what is intended to be clicked]
http://cp.mcafee.com/d/1jWVIg6zqb8VZWVEVpvd79KVJdZCXXyb9ITvshodI9LILK9K6Wqlz8yjC2BEOlYfB2TbCREOlYfB2TbC_otjhKC_R-hjvjsuooWZOWrarD8zC1PVEVpsVqWtAF61HhAHUva5KndG_iCAv1kE4aJMgXTt3-ndEI8CzBN4S82gwCRvxcQg4ZEq8dz6hDQ3h0Xm9Ewblryq88-pBVzdmmzkPFVEwd50tmPqLMCq81s-FwQg3uMQzYjhirKrqSVB 
 
Invoice No.: 4145843978 
 
Document No.: 8442236644 
 
Invoice amount: USD 3633.17 
 
Rejection reason(s): Approval Required 
Please find enclosed a record of invoice that could not be processed. We would like to ask you to assist us in resolving the noted rejection reasons.
 
 
ref:_00D301GRNS._500a0Xjxya:ref
************************************************************************************************
 
This, again, is for educational and awareness purposes only. If anybody or their client receives a similar email, do not open any links and contact whomever is in charge of database security.
 
Thank you for your time,
Kyle Dugger, Salesforce Certified Administrator
Virsys12, LLC
Nashville, TN

Merge Idea · Flag

  • Upvotes
  • Downvotes

Ideas

Apps

from AppExchange

Questions

Help us to keep IdeaExchange clean by pointing out overlapping ideas. We'll investigate your suggestion and merge the ideas if it makes sense.



 

 

Thanks for your merge suggestion. We will review it shortly and merge the ideas if applicable.

Salesforce takes abuse situations very seriously. Examples of abuse include but are not limited to posting of offensive language or fraudulent statements. To help us process your request as quickly as possible, please fill out the form below describing the situation. For privacy and security reasons, the final outcome of an abuse case may not be revealed to the person who reported it.


 

Thank you for your feedback. We take abuse seriously and will investigate this issue and take appropriate action.