 |
 |
OK, this is weird... |
|
09-26-2020, 10:40 PM
|
 |
Philosophical Tomato
|
|
Join Date: Jul 2006
Location: Not where I think I am
Posts: 5,324
|
|
OK, this is weird...
I think I posted before about how I got an onboarding email (typically the very last step in the hiring process) from ExJob from a store not even in my country, asking me to set up an account on an HR platform the company does not use and directing me to contact "your local HR" (but no indication how to actually contact them) when the link expired after five days.
So far I've gotten three such emails total. First one was from the other store, the next two were from a generic HR address that doesn't exist; all addresses are no-reply. Not only that, but the second and third emails have an error "If you do not click this link within days of expiration" (first email specified 5 days, the rest do not)...all the emails came exactly five days apart. The links themselves look legit, I'm not clicking on anything.
__________________
"I am quite confident that I do exist."
"Excuse me, I'm making perfect sense. You're just not keeping up." The Doctor
|
|
09-27-2020, 12:31 AM
|
 |
Chairman of the Board
|
|
Join Date: Dec 2007
Location: Inside The Beltway.
Posts: 4,986
|
|
It does look like a phishing attack.
__________________
"I don't have to be petty. The Universe does that for me."
|
09-27-2020, 12:34 AM
|
 |
Semi-Retired phone geek
|
|
Join Date: Sep 2006
Location: Frozen bits, ON
Posts: 728
|
|
Sounds like the NewJob's HR system has been compromised, and as I.A. said, they are using the data as a phish.
Careful on what you click....
B
__________________
"Only two things are infinite, the universe and human stupidity, and I'm not sure about the former."- Albert Einstein.
I never knew how happy paint could make people until I started selling it.
|
09-27-2020, 01:49 AM
|
|
Philosophical Tomato
|
|
Join Date: Jul 2006
Location: Not where I think I am
Posts: 5,324
|
|
My first thought was that ExJob did get compromised...kinda serves them right, I did warn them about assorted vulnerabilities a year ago and was ignored because I wasn't an official part of IT.
__________________
"I am quite confident that I do exist."
"Excuse me, I'm making perfect sense. You're just not keeping up." The Doctor
|
09-27-2020, 03:36 AM
|
|
Chairman of the Board
|
|
Join Date: Dec 2007
Location: Inside The Beltway.
Posts: 4,986
|
|
Quote:
Quoth Dreamstalker
My first thought was that ExJob did get compromised...kinda serves them right, I did warn them about assorted vulnerabilities a year ago and was ignored because I wasn't an official part of IT.
|
That sounds like a movie trope.
"Never believe the guy without credentials."
I don't think it is confined to the movies. It happens all too often in real life.
__________________
"I don't have to be petty. The Universe does that for me."
|
09-27-2020, 03:52 AM
|
|
Philosophical Tomato
|
|
Join Date: Jul 2006
Location: Not where I think I am
Posts: 5,324
|
|
ExJob's IT department wasn't all that bright, the few interactions I had with them. Too by-the-book when the majority of actual glitches were of the "That isn't supposed to happen" variety. They seemed too used to working with relatively closed systems up in the company office and not the chaos of a stockroom/salesfloor where anything could cause anything (and often did).
__________________
"I am quite confident that I do exist."
"Excuse me, I'm making perfect sense. You're just not keeping up." The Doctor
|
10-05-2020, 03:57 AM
|
|
Philosophical Tomato
|
|
Join Date: Jul 2006
Location: Not where I think I am
Posts: 5,324
|
|
Got another such email on 10/1; so far that makes 4, all exactly five days apart. The link is exactly the same in each one and looks like a legit [program] link...but that's in an email program so who knows. If it was a legit onboarding thing I would have been contacted elsewise.
Sadly my "forensics" laptop (I don't use it other than trying to break software so NBD if it gets infected) is having issues so I can't delve into it just yet. Maybe I can use this as a test case in the security course I'm taking...
__________________
"I am quite confident that I do exist."
"Excuse me, I'm making perfect sense. You're just not keeping up." The Doctor
|
|
|
|
10-05-2020, 08:17 PM
|
 |
The Hero CS Deserves
|
|
Join Date: Aug 2008
Location: Wandering Greyhawk
Posts: 10,175
|
|
You just reminded me of a Windows Security seminar I attended oh . . . two decades ago. They talked about – well, guess  I remember only two things of note from it, and they're things that I HOPE have been rectified since then, but ya never know:
1 - Windows' login screen has (had) all of the integrity of a sieve, and
2 - Failed attempts to login to a system (with a bad password) are/were NOT logged under critical events (or whatever the category they use for "OMFG you need to know this right EFFing now!!" stuff), for some inexplicable reason; they were tracked elsewhere, but you had to know where to look. As such, you could just keep spamming the login screen unless there was a Policy that somehow prevented you from doing so.
__________________
"Love keeps her in the air when she oughta fall down...tell you she's hurtin' 'fore she keens...makes her a home". - Capt. Malcolm Reynolds, "Serenity" (2005)
"If someone feels the need to tell you how intelligent (or honest, etc) they are, it means that, somewhere deep down inside, they know that their words and actions would never give anyone the impression that they ARE intelligent." - me
Acts of Gord – Read it, Learn it, Love it!
"Our psychic powers only work if the customer has a mind to read" - me
"Good men don't need rules; today is not the day to find out why I have so many." - The Doctor
"[Friendship,] like philosophy, like art, like the universe itself … has no survival value; rather it is one of those things which give value to survival.” ~ C. S. Lewis
|
|
10-06-2020, 11:53 AM
|
 |
Ex-Puncher of Tickets
|
|
Join Date: Aug 2011
Location: 13A, Moonbase Beaver.
Posts: 2,181
|
|
Quote:
Quoth EricKei
1 - Windows' login screen has (had) all of the integrity of a sieve, ...
|
Yeah, I remember when you could occasionally leave the password field blank (and even set your password as blank!) and gain access, or just cancel the password dialogue and get guest access to the machine by default. Heady days.
__________________
This was one of those times where my mouth says "have a nice day" but my brain says "go step on a Lego". - RegisterAce
I can't make something magically appear to fulfill all your hopes and dreams. Believe me, if I could I'd be the first person I'd help. - Trixie
|
|
|
|
10-06-2020, 09:33 PM
|
|
The Hero CS Deserves
|
|
Join Date: Aug 2008
Location: Wandering Greyhawk
Posts: 10,175
|
|
To the best of my knowledge, prior to w2000, ALL users were effectively Admins, even if they were categorized as Guests within Windows. 98/SE did this, not sure about wMe. The seminar happened as XP was getting a decent foothold on the market.
__________________
"Love keeps her in the air when she oughta fall down...tell you she's hurtin' 'fore she keens...makes her a home". - Capt. Malcolm Reynolds, "Serenity" (2005)
"If someone feels the need to tell you how intelligent (or honest, etc) they are, it means that, somewhere deep down inside, they know that their words and actions would never give anyone the impression that they ARE intelligent." - me
Acts of Gord – Read it, Learn it, Love it!
"Our psychic powers only work if the customer has a mind to read" - me
"Good men don't need rules; today is not the day to find out why I have so many." - The Doctor
"[Friendship,] like philosophy, like art, like the universe itself … has no survival value; rather it is one of those things which give value to survival.” ~ C. S. Lewis
|
|
| Thread Tools |
|
|
| Display Modes |
 Linear Mode
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
All times are GMT. The time now is 11:29 AM.
| |
