Ring Central Spam/Phishing

Often times, bad actors will try to impersonate well-known and trusted services such as RingCentral to spread malware, defraud, or steal personal information.

This practice is called phishing. In these all-too-common scenarios, users sometimes inadvertently click on a malicious link or an attached file. This often leads to downstream effects that aren’t obvious at the time, including the presence of keystroke logging malware on your computer. Your computer may become part of botnets, and you may fall victim to the collection, and often later resale, of user IDs and passwords.

While more people are becoming knowledgeable about phishing scams, the perpetrators also continue to evolve their methods. The targets, content, and malware associated with these emails change over time.

we’ve seen some phishing activity with fake emails that look like they are coming from RingCentral.  Here’s an example of what one might look like:

Here are some important tips for dealing with phishing emails, and for recognizing legitimate emails from RingCentral:

  1. Be suspicious of emails telling you to take urgent action. Fraudsters use this approach to get you to act before you’ve checked whether the email is genuine.

  2. Be cautious when opening links or any attachments to an email. Verify the attachment and make sure the link resolves to the correct domain prior to opening, as shown in the image.

  3. Don’t respond to anyone asking for your RingCentral password – a RingCentral representative will never ask you for your password via email.

  4. When in doubt about whether you’ve received a genuine message, you can always safely check your messages natively in the RingCentral mobileor desktop applications or within your RingCentral account page. You don’t have to click from an email to check your messages.

  5. If you don’t want message attachments sent to you from RingCentral, our service supports disabling email attachments in your account settings.

Keep in mind that a text message notification from RingCentral will never contain any attachments.  Voice mail attachments from RingCentral will only be .mp3 files and fax attachments will only be PDF files. Ring Central also does not send multiple attachments in a single notification email.


Usual rules apply:

  • be suspicious.

  • role-over email address to confirm actual source email.

  • do not open wierd attachement like .htm files.

Malware macOS Glims

Adware:MacOS/Glims

Detected by Microsoft Defender Antivirus [and Avast]

Aliases: No associated aliases

Summary

Microsoft Defender for Endpoint detects and removes this threat.

This threat arrives on macOS devices through various means, such as, but not limited to:

  • Disguising itself as a legitimate app

  • Being dropped by another malware

  • Being launched by another file as malicious scripts

  • Exploitation of a vulnerability

After it successfully installs and launches on the device, this threat might open your macOS devices to other threats.