From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail2-relais-roc.national.inria.fr (mail2-relais-roc.national.inria.fr [192.134.164.83]) by c5ff346549e7 (Postfix) with ESMTP id A667E5D4 for ; Fri, 21 Feb 2020 08:36:39 +0000 (UTC) X-IronPort-AV: E=Sophos;i="5.70,467,1574118000"; d="p7s'?scan'208,217";a="437019686" Received: from sympa.inria.fr ([193.51.193.213]) by mail2-relais-roc.national.inria.fr with ESMTP; 21 Feb 2020 09:36:11 +0100 Received: by sympa.inria.fr (Postfix, from userid 20132) id B0AA27F438; Fri, 21 Feb 2020 09:36:11 +0100 (CET) Received: from mail3-smtp-sop.national.inria.fr (mail3-smtp-sop.national.inria.fr [192.134.164.98]) by sympa.inria.fr (Postfix) with ESMTPS id C6B857F3B1; Fri, 21 Feb 2020 09:35:58 +0100 (CET) X-IronPort-AV: E=Sophos;i="5.70,467,1574118000"; d="p7s'?scan'208,217";a="339935831" Received: from pcsic-llpold.paris.inria.fr (HELO [128.93.93.11]) ([128.93.93.11]) by mail3-relais-sop.national.inria.fr with ESMTP/TLS/DHE-RSA-AES128-SHA; 21 Feb 2020 09:35:07 +0100 From: Laurent Le Pendeven Reply-To: dsi.soc@inria.fr Message-ID: <2c64b8ae-ba07-4c1e-c7f9-e19468b73f2b@inria.fr> Date: Fri, 21 Feb 2020 09:35:07 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.4.1 MIME-Version: 1.0 To: destinataires inconnus: ; Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg=sha-256; boundary="------------ms080904040104020307090209" Subject: [Caml-list] =?UTF-8?Q?URGENT_/_IMPORTANT_=3A_Vous_avez_=C3=A9t?= =?UTF-8?Q?=C3=A9_cibl=C3=A9_par_un_phishing_/_You_have_been_targeted_by_p?= =?UTF-8?Q?hishing?= X-Loop: caml-list@inria.fr X-Sequence: 18006 Errors-to: caml-list-owner@inria.fr Precedence: list Precedence: bulk Sender: caml-list-request@inria.fr X-no-archive: yes List-Id: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: This is a cryptographically signed message in MIME format. --------------ms080904040104020307090209 Content-Type: multipart/alternative; boundary="------------A7BA6224C8FE38F9244B7E29" Content-Language: fr-FR This is a multi-part message in MIME format. --------------A7BA6224C8FE38F9244B7E29 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: quoted-printable [ENGLISH BELOW] Bonjour, Le 17/02/2020 un message frauduleux a =C3=A9t=C3=A9 envoy=C3=A9 =C3=A0 un= certain nombre=20 d'utilisateurs Inria. Ce message, qui avait pour sujet "Avis urgent !!", demandait =C3=A0 ses=20 destinataires de saisir leurs identifiants Inria. Nous avons d=C3=A9tect=C3=A9 que vous avez pu recevoir ce message. Merci de nous faire savoir si=C2=A0: - vous avez saisi vos identifiants Inria *Ne r=C3=A9pondez au pr=C3=A9sent mail que si et seulement si=C2=A0 vous = avez saisi vos=20 identifiants* Dans le cas o=C3=B9 vous auriez communiqu=C3=A9 vos identifiants Inria, i= l faut=20 imp=C3=A9rativement modifier votre mot de passe Inria dans les plus brefs= =20 d=C3=A9lais. Nous vous invitons =C3=A0 signaler =C3=A0 l'adresse cert@inria.fr ou via = le=20 helpdesk (https://helpdesk.inria.fr/categories/93/submit) tout mail vous = semblant suspect re=C3=A7u dans votre bo=C3=AEte professionnelle et vous = demandant=20 de cliquer sur un lien ou de saisir vos identifiants Inria. Votre correspondant s=C3=A9curit=C3=A9 SI (CSSI) de centre est =C3=A9gale= ment=20 disponible en cas de doute sur un incident potentiel de s=C3=A9curit=C3=A9= =20 informatique. La liste des CSSI se trouve ici=C2=A0:=20 https://intranet.inria.fr/Inria/Directions/Direction-generale/Securite-De= fense/Securite-informatique=20 Ici un article expliquant comment se prot=C3=A9ger du phishing=C2=A0:=20 https://intranet.inria.fr/Actualite/Comment-se-proteger-du-phishing Merci par avance de votre retour (seulement si vous =C3=AAtes dans un des= =20 deux cas ci-dessus), Le service DSI-SOC. Hello, On 2020/02/17 a fraudulent message was sent to a number of Inria users. The message, which was about "Avis urgent !!", asked its recipients to=20 enter their Inria credentials. We have detected that you may have received this message. Please let us know if: - you have entered your Inria credentials *Reply to this email if and only if you have entered your Inria=20 credentials. * In the event that you have provided your Inria credentials, it is=20 essential to change your Inria password as soon as possible. We invite you to report to cert@inria.fr any suspicious e-mails received = in your business mailbox asking you to click on a link or enter your=20 Inria credentials. Your centre IT security correspondent (CSSI) is also available in case=20 of doubt about a potential IT security incident. The list of CSSI can be = found here:=20 https://intranet.inria.fr/Inria/Directions/Direction-generale/Securite-De= fense/Securite-informatique=20 Here is an article that explains how to protect from phishing emails=C2=A0= :=20 https://intranet.inria.fr/Actualite/Comment-se-proteger-du-phishing Thank you in advance for your return (only if you are in one of the two=20 cases above), The IT Security Service (DSI-SOC). _________________________________________________________________________= _______________________________=20 Le mail frauduleux / The fraudulent email=C2=A0: *De: *"Petra Brenig-Klein" *Envoy=C3=A9: *Lundi 17 F=C3=A9vrier 2020 13:33:27 *Objet: *Avis urgent !! *Avertissement !!!* * Votre mot de passe expirera dans 2 jours, pour conserver votre mot de=20 passe: **Cliquez ici Service Web 2020.* --------------A7BA6224C8FE38F9244B7E29 Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: quoted-printable

[ENGLISH BELOW] Bonjour,

Le 17/02/2020 un message frauduleux a =C3=A9t=C3=A9 envoy=C3=A9 =C3= =A0 un certain nombre d'utilisateurs Inria.

Ce message, qui avait pour sujet "Avis urgent !!", demandait =C3=A0= ses destinataires de saisir leurs identifiants Inria.

Nous avons d=C3=A9tect=C3=A9 que vous avez pu recevoir ce message.=

Merci de nous faire savoir si=C2=A0:

=C2=A0 - vous avez saisi vos identifiants Inria

Ne r=C3=A9pondez au pr=C3=A9sent mail q= ue si et seulement si=C2=A0 vous avez saisi vos identifiants<= br>

Dans le cas o=C3=B9 vous auriez communiqu=C3=A9 vos identifiants I= nria, il faut imp=C3=A9rativement modifier votre mot de passe Inria dans les= plus brefs d=C3=A9lais.=C2=A0

Nous vous invitons =C3=A0 signaler =C3=A0 l'adresse cert@inria.fr o= u via le helpdesk (https://helpdesk.inria.fr/categories/93= /submit) tout mail vous semblant suspect re=C3=A7u dans votre bo=C3=AEte professi= onnelle et vous demandant de cliquer sur un lien ou de saisir vos identifiants Inria.

Votre correspondant s=C3=A9curit=C3=A9 SI (CSSI) de centre est =C3= =A9galement disponible en cas de doute sur un incident potentiel de s=C3=A9curi= t=C3=A9 informatique. La liste des CSSI se trouve ici=C2=A0: https://intranet.inria.fr/Inria/Dire= ctions/Direction-generale/Securite-Defense/Securite-informatique

Ici un article expliquant comment se prot=C3=A9ger du phishing=C2=A0= : https://intranet.inria.fr/Actualite/Comment-se-proteger-du-phishing

Merci par avance de votre retour (seulement si vous =C3=AAtes dans= un des deux cas ci-dessus),

Le service DSI-SOC.


Hello,

On 2020/02/17 a fraudulent message was sent to a number of Inria users.

The message, which was about "Avis urgent !!", asked its recipients to enter their Inria credentials.

We have detected that you may have received this message.

Please let us know if:

- you have entered your Inria credentials

Reply to this email if and only if you have entered your Inria credentials.

In the event that you have provided your Inria credentials, it is essential to change your Inria password as soon as possible.

We invite you to report to cert@inria.fr any suspicious e-mails received in your business mailbox asking you to click on a link or enter your Inria credentials.

Your centre IT security correspondent (CSSI) is also available in case of doubt about a potential IT security incident. The list of CSSI can be found here: https://intranet.inria.fr/Inria/Dire= ctions/Direction-generale/Securite-Defense/Securite-informatique

Here is an article that explains how to protect from phishing emails=C2=A0: https://intranet.inria.fr/Actualite/Comment-se-proteger-du-phishing

Thank you in advance for your return (only if you are in one of the two cases above),


The IT Security Service (DSI-SOC).

__________________________________________________________________= ______________________________________

Le mail frauduleux / The fraudulent email=C2=A0:

De: "Petra Brenig-Klein" <Petra.Brenig-Klein@Erzbistum-Koeln.de>
Envoy=C3=A9: Lundi 17 F=C3=A9vrier 2020 13:33:27
Objet: Avis urgent !!
Avertissement !!!

Votre mo= t de passe expirera dans 2 jours, pour conserver votre mot de passe: Cliquez ici

Service Web 2020.


--------------A7BA6224C8FE38F9244B7E29-- --------------ms080904040104020307090209 Content-Type: application/pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" Content-Description: Signature cryptographique S/MIME MIAGCSqGSIb3DQEHAqCAMIACAQExDzANBglghkgBZQMEAgEFADCABgkqhkiG9w0BBwEAAKCC CmYwggUAMIID6KADAgECAhADS+4XH7fhBjcv1HJCQL0qMA0GCSqGSIb3DQEBCwUAMGUxCzAJ BgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2Vy dC5jb20xJDAiBgNVBAMTG0RpZ2lDZXJ0IEFzc3VyZWQgSUQgUm9vdCBDQTAeFw0xNDExMTgx MjAwMDBaFw0yNDExMTgxMjAwMDBaMGkxCzAJBgNVBAYTAk5MMRYwFAYDVQQIEw1Ob29yZC1I b2xsYW5kMRIwEAYDVQQHEwlBbXN0ZXJkYW0xDzANBgNVBAoTBlRFUkVOQTEdMBsGA1UEAxMU VEVSRU5BIFBlcnNvbmFsIENBIDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDG pbsfVYL0pTRyFHJlm1/V6qBo2JuCiU9TYpx7jM4O2tQyDq8bjMum69vg6wM0lMGHflMgqB75 GxeKfQFmEldoXi2cLishqFUvU2cJeM3SaRsLk2BsuCgTzh9NsYgmrUX60KHOq7eYKVZxbPFW JF2nMOBuMXNu2qBXTGSLeLXHnNvG3r7TLzGg1oA5teAxQE6Eo8ySSeIXbP7wZB76urwlh51P IbrJZjkDjdQVELh7OlTP1WO6T/Hf6BsEfeFcpoa1e+MW/lw0VetTPPHQ15HYKYP2WYohHxzD iC+QUwE7UZVBlp9cXIpwHuDzSibc5RG3z0n/j2SQCx0Dk5FMAUErAgMBAAGjggGmMIIBojAS BgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBhjB5BggrBgEFBQcBAQRtMGswJAYI KwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBDBggrBgEFBQcwAoY3aHR0cDov L2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0QXNzdXJlZElEUm9vdENBLmNydDCBgQYD VR0fBHoweDA6oDigNoY0aHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0QXNzdXJl ZElEUm9vdENBLmNybDA6oDigNoY0aHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0 QXNzdXJlZElEUm9vdENBLmNybDA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYc aHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAdBgNVHQ4EFgQU8CHpSXdzn4WuGDvoUnAU Bu1C7sowHwYDVR0jBBgwFoAUReuir/SSy4IxLVGLp6chnfNtyA8wDQYJKoZIhvcNAQELBQAD ggEBADrCGyv+Y967YbS5R6j8fAWxJiAiUZvIPfn1xVgesF6jspwCQY8xGn/MG04d+Jh97I8I /Xfx29JEEFq2rQmw4PxiO9RiDZ7xoDxNd4rrRDR7jrtOKQP8J+o+ah0vSOP62hnD/zPS7NRM tIyVS2G277KAL5fIR62ngr984fmJghDv0bsjGAmeu3EP0xhUsDJT61IoAGoKBnxBPAeg3WXs dSm4Gn7btyvakeyFtYebr2KmOBSa28PRqGSDur56aZhJoM2eMzc6prmvGwwtAzRsc5t2OsKR uHWV6O3anP2K27jGZR2bi1VX1NQUvIbpVNTuwjm+XcZtsa/AAJF9KGkEseAwggVeMIIERqAD AgECAhAK1D6MDcaHOx870eeLeCM6MA0GCSqGSIb3DQEBCwUAMGkxCzAJBgNVBAYTAk5MMRYw FAYDVQQIEw1Ob29yZC1Ib2xsYW5kMRIwEAYDVQQHEwlBbXN0ZXJkYW0xDzANBgNVBAoTBlRF UkVOQTEdMBsGA1UEAxMUVEVSRU5BIFBlcnNvbmFsIENBIDMwHhcNMTkxMTE4MDAwMDAwWhcN MjIxMTE4MTIwMDAwWjCBjTELMAkGA1UEBhMCRlIxFTATBgNVBAcTDFJvY3F1ZW5jb3VydDFJ MEcGA1UEChNASW5zdGl0dXQgTmF0aW9uYWwgZGUgUmVjaGVyY2hlIGVuIEluZm9ybWF0aXF1 ZSBldCBlbiBBdXRvbWF0aXF1ZTEcMBoGA1UEAxMTTGF1cmVudCBMRSBQRU5ERVZFTjCCASIw DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKFGJV+fLY88Eb+/yGxPRKGIJbnJhD206l/A voHaaoQwpxr9ntw5+1U7Aos1MLJVhcVE3jJHXZO4kqh5BbqX+sjdqgW4TLsvvRTmUnQix4Vu rxxaxxnbJg03Qt+cIur88Q/LXdtvv9Xg8+8zGAJcpspsepSMC8tZvMV9pDiEG0V6AvMoNSaD uzPdk/PaJAQR0Xy+Up6A0zXnrIuJqAKrhUJU2HoUTQFvBr7IvrfCnt4h9AWDUvS8uLijM3/3 GHQIx/D9y/Kf/67op+XCLVxlhtiT32i2nSGQJA8W417jd1AzA393p0UFGC+jW62mTK1yjJp4 g8eoSp1RM1tXeiIIyF8CAwEAAaOCAdswggHXMB8GA1UdIwQYMBaAFPAh6Ul3c5+Frhg76FJw FAbtQu7KMB0GA1UdDgQWBBQN7buNJDhoQ8ve8lwdJpiZtf3uUTAMBgNVHRMBAf8EAjAAMCcG A1UdEQQgMB6BHExhdXJlbnQuTGVfUGVuZGV2ZW5AaW5yaWEuZnIwDgYDVR0PAQH/BAQDAgWg MB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDBDBgNVHSAEPDA6MDgGCmCGSAGG/WwE AQIwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzB1BgNVHR8E bjBsMDSgMqAwhi5odHRwOi8vY3JsMy5kaWdpY2VydC5jb20vVEVSRU5BUGVyc29uYWxDQTMu Y3JsMDSgMqAwhi5odHRwOi8vY3JsNC5kaWdpY2VydC5jb20vVEVSRU5BUGVyc29uYWxDQTMu Y3JsMHMGCCsGAQUFBwEBBGcwZTAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQu Y29tMD0GCCsGAQUFBzAChjFodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vVEVSRU5BUGVy c29uYWxDQTMuY3J0MA0GCSqGSIb3DQEBCwUAA4IBAQCEU5+M2gAW4gNaK9W4rlYEliw+MvTS 3CaXqbHmYaptDMYqnLh9AXnbpA3nKMpRlu/G+UYjMp2Msuobd/dTzqjpDliuPrqvBZegsIA2 cDn268gB8TsOWOmgbcf15LY7w1nEFiHeV5ShnuLGwK0k/UfxN+pfVtch7ZSubt2ahUiqaRAg jdmhUkxEJ+Ru+wgWmkbvP8YXsE176QMtkC2dp4Z52PFWSn47Wlx3lxOktNt/db8s6ntQHZch S7ye0iQs3Vd/YpGRc53DFrKc+uzAQwocIJ5Ycfwxh/a++A3B/TubEiIgabiVYMwimmqKgmEd ZP+k2JQcrCR3pzMYOEjGOCH/MYIDozCCA58CAQEwfTBpMQswCQYDVQQGEwJOTDEWMBQGA1UE CBMNTm9vcmQtSG9sbGFuZDESMBAGA1UEBxMJQW1zdGVyZGFtMQ8wDQYDVQQKEwZURVJFTkEx HTAbBgNVBAMTFFRFUkVOQSBQZXJzb25hbCBDQSAzAhAK1D6MDcaHOx870eeLeCM6MA0GCWCG SAFlAwQCAQUAoIIB9zAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEP Fw0yMDAyMjEwODM1MDdaMC8GCSqGSIb3DQEJBDEiBCD4FKtTuPVEaNGxI+QODp9BUVgs4iAt bNkxERiLeboLXjBsBgkqhkiG9w0BCQ8xXzBdMAsGCWCGSAFlAwQBKjALBglghkgBZQMEAQIw CgYIKoZIhvcNAwcwDgYIKoZIhvcNAwICAgCAMA0GCCqGSIb3DQMCAgFAMAcGBSsOAwIHMA0G CCqGSIb3DQMCAgEoMIGMBgkrBgEEAYI3EAQxfzB9MGkxCzAJBgNVBAYTAk5MMRYwFAYDVQQI Ew1Ob29yZC1Ib2xsYW5kMRIwEAYDVQQHEwlBbXN0ZXJkYW0xDzANBgNVBAoTBlRFUkVOQTEd MBsGA1UEAxMUVEVSRU5BIFBlcnNvbmFsIENBIDMCEArUPowNxoc7HzvR54t4IzowgY4GCyqG SIb3DQEJEAILMX+gfTBpMQswCQYDVQQGEwJOTDEWMBQGA1UECBMNTm9vcmQtSG9sbGFuZDES MBAGA1UEBxMJQW1zdGVyZGFtMQ8wDQYDVQQKEwZURVJFTkExHTAbBgNVBAMTFFRFUkVOQSBQ ZXJzb25hbCBDQSAzAhAK1D6MDcaHOx870eeLeCM6MA0GCSqGSIb3DQEBAQUABIIBAD88/Ggf tvN4Xn2xnIC3WCrVDHUjc4fKgaSJYsctpbgd9ONnnUWyXXdBwsafVFsPgmc8aDPdQJGBbfKT x8R3Ngg/bj2JEecBTwFpNIkF+rRdkV7paHaXIrzBHmlRvTcj9sbHtoGtpgyb2Lsttsam/xLp BgOOJ7dMgYlYUGJefYGji8yQHmB2ZqFaoUNopMAMP4M/7fHWr5wL4c7V8GCqAYw+RL9hBdPg s9z+EGviszVoq8P8hB87rBP+eVzRDmY8mBvhDDWwt6Y/qaGiK9gTw1vBO+Fg1e3CeYprG1t1 cMi34daOAHGU+ARON1aeP2jQMCSEgeCPh9MGE6yWh5zGrOwAAAAAAAA= --------------ms080904040104020307090209--