It was a cunningly crafted phish...
Employees at a healthcare company were going about their day when they received an email from their CEO - and it wasn't a typical meeting invitation. The email asked them to read and agree to a company policy. Simple. Just click on a link, login with their credentials and go to the policy page to confirm.
But the sender wasn't the CEO. He was a talented fraudster targeting passwords to gain file system access and reroute electronic payroll deposits. And he almost succeeded.
Download this eBook for a minute-by-minute account of what happened and how users and security professionals worked together to avoid a major breach.