Scam of the Week: Fake Meltdown and Spectre Patch Phishing Emails

You may be aware of the warnings and advisories that were recently discovered that practically all computer systems worldwide have a hardware bug called “Meltdown and Spectre”.  These hardware vulnerabilities allow programs to steal data which is currently processed on the computer. While programs are typically not permitted to read data from other programs, a malicious program can exploit meltdown and Spectre to get ahold of secrets stored in the memory of other running programs. This might include your passwords stored in a password manager or browser, your personal photos, emails, instant messages and even business-critical documents.

The bad guys have jumped on this bandwagon with phishing attacks.


Here is an example of a phishing email, attempting to exploit the user:

We want to remind everyone to be alert for social engineering scams related to the bug announcements. These follow most major cyber incidents, and Meltdown and Spectre will be no different. With users being the last line of defense, it is critical to raise awareness and shore up your security.

Cyber-attacks are rapidly getting more sophisticated. GDR Group will help train your employees to better manage the urgent IT security problems of social engineering, spear-phishing and ransomware attacks. Take the first step now and email [email protected] to request a quote for security awareness training for your organization.