November 15, 2024 - Phishing attempt targeting Forest Admin users

arnaud · November 14, 2024, 1:55pm

Dear Forest Admin users,

We are writing to inform you about a phishing attempt that was reported by one of our Customers on November 14, 2024 and targeting their user accounts in our platform.

This attempt was designed to deceive users into revealing their login credentials.

The phishing attempt involved fraudulent emails that appear to come from Forest Admin, but use an unofficial domain name (forest-admin .com) very close to the official one.
This attempt was designed to deceive users into revealing their Forest Admin personal password by impersonating legitimate communications from our service.

The fraudulent email below received by our Customer’s users from support@forest-admin .com illustrates how the attack attempted to trick Forest Admin users:

See the fraudulent form example below:

If you received such an email and have already clicked on the “Reset password” action and submitted your password information, please inform your system administrator immediately and reset your Forest Admin password immediately to prevent unauthorized access to your Forest Admin account.

As a general reminder, we strongly encourage our users to take the following actions to protect their accounts:

Always verify the sender of any unexpected emails or messages before clicking on links or providing any personal information.
Never click on links or open attachments from unknown sources.
Never share your Forest Admin credentials
If you receive any suspicious messages or believe you’ve been targeted by a phishing attempt, please report it to your system administrator and to Forest Admin immediately at support@forestadmin.com.

Forest Admin project administrators are strongly encouraged to implement the security features available in our platform to secure their Users’ access to our platform:

Force two-factor authentication (2FA) to add an extra layer of security to your users’ accounts
Implement SSO login
Implement IP Whitelisting

We want to assure you that our technical team is actively monitoring the situation, and will take any step necessary to block this malicious fishing attempt. At this time, we have found no evidence of data breaches or unauthorized access to Forest Admin accounts.

If you have any questions or concerns, our support team is here to assist you. We appreciate your understanding and will keep you informed of any developments.

Thank you for your continued trust in Forest Admin.

Sincerely,
Arnaud, CTO @ Forest Admin

arnaud · November 18, 2024, 11:18am

[IMPORTANT UPDATE]

Dear Forest Admin users,

The Customer whose Users had been subject to the phishing attempt reported last week came forward today to inform us that the phishing attempts were in fact part of a internal/customer-led cybersecurity testing initiative targeting 25 of their employees.

We remind our Customers that we take Security matters very seriously and that using Forest Admin’s logo and name without our consent to conduct phishing attempts (even for a Customer’s internal testing purposes) is a violation of our Terms and Conditions.

Investigations into this registered Security Event are now closed on Forest Admin’s side.

Sincerely,
Arnaud, CTO @ Forest Admin

Topic		Replies	Views
Can't login to ForestAdmin Help me!	1	20	October 28, 2024
October 2024 - Forest Admin important downtime on October 8-9-13 News & Announcements	0	152	October 10, 2024
Authentication suddenly leads to error Help me!	6	33	October 9, 2024
Forest cannot authenticate the user for this request Help me!	23	448	July 27, 2022
Https://app.forestadmin.com/ down or unreachable Help me!	2	445	November 18, 2020

November 15, 2024 - Phishing attempt targeting Forest Admin users

Related topics