Beware of SSL Renewal Emails!

A 3D client recently received an email claiming they needed to click a link to get instructions on how to renew their company’s SSL (Secure Sockets Layer) certificate, which was allegedly expiring. SSL is a protocol designed to provide secure communications over the Internet using encryption; thus, the SSL certificate is important to keep the private data (such as credit card numbers) of Internet users safe. We believe that attackers are using the SSL certificate’s importance as a means to coerce users into clicking the link, thinking they’re keeping their company’s data safe when in reality they’re doing the exact opposite.

Luckily, our client wisely asked a 3D network engineer about the email before proceeding. After looking up the client’s actual SSL subscription, we discovered it had nothing to do with this email, domain, or expiration. Because of this, we have little doubt that malware of some sort is awaiting our client on the other end of that link, which could have made the company’s network vulnerable to a wide variety of threats.

3D is currently taking steps to educate our clients and the public about these misleading and potentially dangerous emails as well as putting tools in place to further protect clients from threats of this sort. We’re advising network administrators to be particularly cautious as the email was targeted at the network administrator of our client. We believe that emails like these are still being sent to users.

To learn more about how 3D can enhance the security of your company’s network, visit our website at www.3dcorp.us.