Let’s take a closer look at the email EasyJet is sending to customers affected by its recently-revealed security breach.
From: easyJet Subject: Cyber Security Incident
Notice of cyber security incident – be alert to phishing emails
Dear Customer,
A personal communication, but they don’t use my name? That’s a funny way of doing things.
Many times we’ve told users that an email which doesn’t refer to them by name might be considered more suspicious.
After all, it’s less effort for bad guys to spam out a phishing attack to thousands of people with the greeting “Dear Customer” than “Dear Fred”, “Dear Richard”, “Dear Ethel”…
I wanted to write to you personally in regards to a recent cyber security incident at easyJet.
EasyJet’s announcement about the breach was definitely recent, but can the security incident itself actually be considered “recent”? I might beg to differ. Maybe we could all do with a reminder of what the word “recent” means before we carry on…
All up to speed? Right, let’s continue…
As you may have heard, we announced on 19th May 2020 that we were the target of an attack from a highly sophisticated source.
“An attack from a highly sophisticated source.” That won’t be HP Sauce then! Sorry, that’s a #dadjoke.
Pardon me if I sound skeptical when yet another company calls an attack “highly sophisticated.” Remember when TalkTalk made the same claim and it turned out to a easyjet breach notification email customers closer
