October 26 - Fake “Halloween Briefing Points” from the Navy Safety Center
I found this very amusing. It is a lazy spearphish type email using the upcoming Halloween holiday as a lure. At first I wondered if it used to be different types of briefing points originally, and the text was just changed? There is an extra space in the text before “Halloween,” which is why it seemed like it was edited. But then I went to the website of the Navy Safety Center, and they actually have Halloween Briefing Points in a PDF and a PP presentation on Halloween hazards! Not sure why, but there you are. (Screenshot for posterity).
Again this came from an unknown to me sender. We were not the only ones who got this, anyway, as TrendMicro posted about the same email. (Although when I originally submitted it to VT, they did not have a detection for it, although it had a decent 37.2% detection rate.)
The email header showed the originating IP as being a restaurant in Philadelphia, which I thought was interesting. Doubt the restaurant was open at the time, given that it was sent at 4:40am…
Subject: Fwd: Halloween Briefing Points
Originating IP: 220.127.116.11