The criminals sent the employee a link that took the victim to a very realistic looking landing page.
The target then entered their password, giving it to the attackers.
At the same time, Critical Insight analysts saw that the employee had entered a password on a non-encrypted site.
Critical Insight immediately called the public agency and alerted them. The agency had the employee change their password, which stopped hackers from gaining further access to the systems.
“Thank you for calling yesterday so quickly. It really did save us,” the security at the agency told Critical Insight.