Heightened Email Awareness

Monday, March 28, 2016

We continue to see a substantial increase in the number of inbound emails that contain a variety of threats to our company. The good news is that our network defenses continue to do a solid job of preventing the vast majority of these emails from ever landing in the Inbox of one of our E-Team members. Unfortunately, some of these malicious emails will get through, and I am asking each of you to be vigilant as you read and work your email. Each of you is a key part of our defense in an ongoing effort to protect the critical, private information of our Residents and our E-Team members.
 



Verify requests received via email. Many of the malicious emails we are seeing originate from fraudsters and others in foreign countries.  Some of these emails are remarkable in their seeming authenticity.  They appear to originate from officers or senior leaders of our company, ask you to do something for them and may even have a PDF or ZIP file attachment.  PLEASE BE AWARE THAT THE SENIOR MANAGERS WILL NOT ASK YOU TO DO SOMETHING OUTSIDE YOUR NORMAL JOB DUTIES WITHOUT CALLING YOU FIRST – NEVER TAKE AN EXTRAORDINARY ACTION WITHOUT BOTH A VERBAL AND WRITTEN CONFIRMATION.
 
Review originator's email address and email signature block. First, be wary of emails sent to you that contain no company information or email signature block - especially those purporting to have come from someone at Essex.  Look carefully at the originator's email address.  If you see that the originator of the email has an email address someone@essexpropertytrust.com or someone@breproperties.com, there is a very good chance that this is a malicious email (ESSEX.COM IS THE STANDARD E-MAIL ADDRESS TODAY.  THE OTHERS ARE NOT IN USE).  Many malicious emails will mimic a valid email address with a slight misspelling (someone@esssex.com - notice the extra "s"?).  Check the salutation of the email.  If there is no salutation, or you normally go by Dan and the email starts with a salutation "Hello Daniel", cast a critical eye on this email.  Many of the malicious emails we have seen also impart a false sense of urgency and typically ask for voluminous amounts of information: "I need all of the company's information on this subject NOW!"  If you receive an email such as any described above, please contact our Information Security team - InfoSec@essex.com - and allow them to investigate that email.
 
File attachments. Second, be VERY careful opening file attachments.  If you are the least bit suspicious of the email you just received, DO NOT OPEN that attachment!  Instead, please contact our Information Security specialist via the InfoSec@essex.com email address and let our information security team review the attachment to determine if it is safe.  We have carefully constructed environments in which we can open these attachments to determine if they contain malicious code. 
 

Here are some additional "Red Flags" for email:
 
  • Executives asking for unusual information: While most of us will naturally respond promptly to an email from an executive, it's worth pausing to consider whether the email request makes sense. A CFO might ask for aggregated compensation data or a special report, but individual employee data is less likely.
  • Requests to not communicate with others: Impostor emails often ask the recipient to keep the request confidential or only communicate with the sender via email.
  • Requests that bypass normal channels: Most organizations have accounting systems through which bills and payments must be processed, no matter how urgent the request. When these channels are bypassed by an email directly from an executive requesting, for example, that an urgent wire transfer be completed ASAP, the recipient should be suspicious.
  • Language issues and unusual date formats: Some lure emails have flawless grammar, and some executives write emails in broken English. But the presence of European date formats (day month year) or sentence construction that suggests an email was written by a non-native speaker is common in many of these attacks.
  • “Reply To” addresses that do not match sender addresses: This is hard to detect in some email clients or webmail applications, but impostor email threats are generally characterized by spoofed (imitated) sender addresses.  If you notice that the original email address looks like it’s from “essex.com” but the reply goes to gmail.com or yahoo.com, DO NOT REPLY - the intended recipient is suspicious. They may also use lookalike domains to fool recipients at a glance (essexx.com, essexapartementhomes.com, etc.).
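
The sender-address and “Reply To” checks described above can also be run automatically over a raw message. The following Python is an added example, not part of the original notice: the sample messages are constructed, and the edit-distance threshold of 2 and the "essex" prefix rule are assumptions chosen for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

CURRENT_DOMAIN = "essex.com"  # the only address domain in use, per the notice
RETIRED_DOMAINS = {"essexpropertytrust.com", "breproperties.com"}  # no longer in use

def domain_of(header_value):
    """Lowercased domain of an address header, or '' if missing or malformed."""
    _, addr = parseaddr(header_value or "")
    return addr.rpartition("@")[2].lower() if "@" in addr else ""

def edit_distance(a, b):
    """Levenshtein distance using two rows of the DP table."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def red_flags(raw_message):
    """Return the list of red flags raised by a raw RFC 5322 message."""
    msg = message_from_string(raw_message)
    sender, reply_to = domain_of(msg["From"]), domain_of(msg["Reply-To"])
    flags = []
    if sender in RETIRED_DOMAINS:
        flags.append("retired-domain")
    elif sender != CURRENT_DOMAIN:
        # Assumed heuristics: within 2 edits of essex.com, or a name starting "essex".
        if edit_distance(sender, CURRENT_DOMAIN) <= 2 or sender.startswith("essex"):
            flags.append("lookalike-domain")
    if reply_to and reply_to != sender:
        flags.append("reply-to-mismatch")
    return flags

# Constructed sample messages (not real mail).
SAMPLES = {
    "clean": "From: Dan <dan@essex.com>\nSubject: Lunch\n\nNoon?",
    "reply_to": "From: CFO <cfo@essex.com>\nReply-To: cfo@gmail.com\nSubject: Wire\n\nNOW",
    "lookalike": "From: CFO <cfo@esssex.com>\nSubject: Report\n\nSend all data",
    "retired": "From: HR <hr@breproperties.com>\nSubject: Forms\n\nSee attached",
}

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        print(name, red_flags(raw))
```

An empty result only means none of these three checks fired; the other red flags in this list still call for a human read.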

 
Please remain vigilant.  If you have concerns or suspicions, please reach out to our Information Security team at InfoSec@essex.com right away. Thanks to each of you as we continue to combat these threats!

Monday, March 28, 2016 - 14:00

Last updated:
April 04, 2016