Threat Alert: Phishing Lure Impersonating
GSD Technologies Spreads Ransomware

• A recent phishing campaign is abusing the brand of IT solutions provider GSD Technologies to deliver malicious attachments.
• The lures impersonate a purported user associated with GSD Technologies using the email address jenny[@]gsd[.]com. Other related threats purport to be from Jenny Green or Jenny Brown; some variants have also used Gmail accounts with those display names.
• The lures claim to deliver a document intended for the recipient while prompting the recipient for an immediate reply. Other lure variants claim to contain pictures of the recipient.
• Interacting with the attachment ultimately leads to the installation of ransomware on the victim’s computer.

Key Action: Report Suspicious Emails 

• Go beyond surface clues. Familiar logos, branding, and names are not automatic indicators that an email or website is safe. Cybercriminals often imitate well- known organizations.
• Never download attachments or “enable content” associated with unexpected messages. Never open, preview, or download an unexpected attachment, and never “enable content” or “enable macros” unless you are certain a file is safe. These actions can expose you to malware.
• Report ANY suspicious emails using the Phish Alarm button.