{"id":2413,"date":"2013-12-10T07:00:00","date_gmt":"2013-12-10T07:00:00","guid":{"rendered":"https:\/\/blogs.msdn.microsoft.com\/oldnewthing\/2013\/12\/10\/mysterious-email-possible-social-engineering-whatever-it-was-it-didnt-work\/"},"modified":"2013-12-10T07:00:00","modified_gmt":"2013-12-10T07:00:00","slug":"mysterious-email-possible-social-engineering-whatever-it-was-it-didnt-work","status":"publish","type":"post","link":"https:\/\/devblogs.microsoft.com\/oldnewthing\/20131210-00\/?p=2413","title":{"rendered":"Mysterious email, possible social engineering, whatever it was, it didn&#039;t work"},"content":{"rendered":"<p>A colleague of mine got a strange piece of email. It went something like this, although I&#8217;ve substituted a <a href=\"http:\/\/en.wikipedia.org\/wiki\/St_George%27s_Island_(fictional)#St_George.27s_Island\"> fictitious nation<\/a> and <a href=\"http:\/\/blogs.msdn.com\/b\/oldnewthing\/archive\/2006\/10\/13\/822124.aspx\"> fictitious company name<\/a> to protect the guilty(?).<\/p>\n<blockquote class=\"q\"><p>  <b>Subject<\/b>: St. George&#8217;s Island Embassy Trade Mission: Meeting request on behalf of Contoso Corporation <\/p>\n<p> Dear &lang;name&rang;, <\/p>\n<p> I am contacting you following the advice of &lang;senior executive&rang;, CTO of Microsoft Pangaea. <\/p>\n<p> The St. George&#8217;s Island Embassy Trade Mission is currently assisting a local company, Contoso. Contoso would like to present &lang;technology&rang; to Microsoft. Details are in the attached document. <\/p>\n<p> Would you accept a conference call with the CEO of Contoso, at a time at your convenience? <\/p>\n<p> Looking forward to a fruitful collaboration, <\/p>\n<p> Sir Humphrey Appleby,<br \/> Director, St. George&#8217;s Island Embassy Trade Mission <\/p>\n<\/blockquote>\n<p> My colleague has no connection with St. George&#8217;s Island, nor had he ever met the named senior executive (or anybody else from the Pangaea division), and he asked, &#8220;Is anybody else getting messages like this?&#8221;\n I suggested that they might be trying some social engineering: &#8220;Send an email to an employee saying that a senior executive told us to contact them. They will do whatever we ask because they think we are operating under the instructions of the CTO.&#8221;<\/p>\n<p> This sounded plausible, so my colleague contacted said senior executive, who replied, &#8220;I had invited Contoso to participate at a large event we held on St. George&#8217;s Island last year, but just as you don&#8217;t know me, I don&#8217;t know you either. This is definitely suspicious. Thanks for taking the time to send me this warning.&#8221; <\/p>\n","protected":false},"excerpt":{"rendered":"<p>A colleague of mine got a strange piece of email. It went something like this, although I&#8217;ve substituted a fictitious nation and fictitious company name to protect the guilty(?). Subject: St. George&#8217;s Island Embassy Trade Mission: Meeting request on behalf of Contoso Corporation Dear &lang;name&rang;, I am contacting you following the advice of &lang;senior executive&rang;, [&hellip;]<\/p>\n","protected":false},"author":1069,"featured_media":111744,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1],"tags":[103],"class_list":["post-2413","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-oldnewthing","tag-non-computer"],"acf":[],"blog_post_summary":"<p>A colleague of mine got a strange piece of email. It went something like this, although I&#8217;ve substituted a fictitious nation and fictitious company name to protect the guilty(?). Subject: St. George&#8217;s Island Embassy Trade Mission: Meeting request on behalf of Contoso Corporation Dear &lang;name&rang;, I am contacting you following the advice of &lang;senior executive&rang;, [&hellip;]<\/p>\n","_links":{"self":[{"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/posts\/2413","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/users\/1069"}],"replies":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/comments?post=2413"}],"version-history":[{"count":0,"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/posts\/2413\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/media\/111744"}],"wp:attachment":[{"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/media?parent=2413"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/categories?post=2413"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/tags?post=2413"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}