Urgent 10/29 Security Alert: Do Not Open "FTC" Email
TUESDAY OCTOBER 30, 2007
Today, many of SFDC customers received a malicious email that appears to have been circulated on the internet. This message was a bogus email from the "FTC Fraud Department", and had malware attached which installs itself to a user's PC and logs keystrokes in an attempt to gain password or account access. This email should not be opened, and any users that have inadvertently opened it should cease use of their machines until your security department can evaluate them.
Here is a link to the FTC site with further information and updates: http://www.ftc.gov/opa/2007/10/bogus.shtm
Report any suspicious emails to security@salesforce.com.
For your reference, a copy of the text from their site has also been pasted below. For security best practices, you can always view our security updates at http://trust.salesforce.com/security.html, or contact us directly at security@salesforce.com.
Phishing and malware are on the rise, but every customer can take a few critical steps to help fend off threats. Salesforce.com offers many technologies for improving your security. After you address the "FTC" email issue, salesforce.com strongly recommends your security team contact us for a security review. To schedule this review, please send an email to security@salesforce.com.
Thanks,
Security Team at Salesforce.com
Comments
What kind of bunk is this? Why does Salesforce care about one of the millions of types of spam/phishing attacks that get launched every day? Was salesforce's customer list compromised in any way? Or is this just a gimmick to try to get people to contract salesforce's "security services" team? Either way - it's shoddy business practice.
What in the world does some bogus FTC message have to do with salesforce at all?
Posted by: IT Person | Oct 30, 2007 9:56:16 AM
Did salesforce's customer data get hacked?
Posted by: Concerned customer | Oct 31, 2007 10:56:14 AM