Synology Warns of Phishing E-mails

TapTechNews Jun 14 - NAS manufacturer Synology announced on the Facebook platform yesterday that it has found that there are criminals sending phishing e-mails in its name, and people need to be extra vigilant when receiving Synology-related e-mails recently.

According to Synology, the criminals induce the recipient to download the attached file or click on the phishing link through the e-mail content to carry out further attacks.

Based on the clues currently available to Synology, this round of attacks was not caused by a leak of Synology's internal materials, but the attackers found the accounts that sent Synology-related information on social media and attacked the publicly available e-mails on these accounts.

The Hong Kong media HKEPC received such an e-mail:

The criminals falsely claimed that HKEPC illegally used Synology's media resources for publicity on the Facebook platform and infringed Synology's intellectual property rights.

The criminals declared that the attached file in their e-mail contained detailed information about the infringement and asked HKEPC to download the attachment to confirm and then delete the relevant content on its Facebook page.

However, the e-mail received by HKEPC came from a Google Gmail mailbox, not from Synology's mailbox, obviously sent by a third party.

Synology officially emphasized that it will only send e-mails to users from e-mail addresses with the suffixes @synology.com and @synologynotification.com, and users need to pay attention to whether the website pointed to by the hyperlink belongs to the official after receiving the e-mails.

TapTechNews attaches the original text of Synology's official announcement as follows: