By The Greenshades Security Team
We have reports today of an email phishing campaign targeting users of our online sites. The email appears to come from GreenEmployee, but is actually being sent from the spoofed email address “firstname.lastname@example.org.” The email claims that our services are undergoing system maintenance and “implores” you to log in to protect yourself from phishing activities. If you receive this email or one like it, please do not click on the link(s) and report it to us immediately. This gives us a chance to notify our users and try to get phishing sites like this taken down.
This is what this phishing email looked like:
As we reported in our “Keep an eye out for phishers” blog post earlier this year, these types of phishing attacks are on the rise and are trying to trick you and your employees into giving away your password and other personal information. Please remember, Greenshades only sends emails from our domains and only sends links to websites on our own domains – Greenshades.com, GreenshadesOnline.com, GreenEmployee.com, and DownloadMyForm.com – or our service partners’ domains like ConstantContact.com, GoToMeeting.com, and StartControl.com. If the email address or any link in the email does not use one of these domains and is pretending to be Greenshades, please treat it as fraudulent and report it to us. We will keep this blog updated with any new phishing attempts reported to us.
Last, please take proactive measures to protect yourself and your information when you can. Please create strong passwords that you never share and please enable 2nd-factor authentication on your Greenshades account. For more information on how to do this and how to use other Greenshades security features, please check out our recent blog posts on security.