Incoming Flood of "Welcome" Emails
Symptom:
An email user experiences an incoming flood of "Welcome" emails from various random sites. These emails will most likely be found under "Junk Mail", because our email security product Inky is set to detect an incoming email flood and classify the messages as junk. This activity will be followed up by a Teams contact, via chat or call, from someone pretending to be the Service Desk. The scammer will offer to help resolve the issue and request remote access to the user's machine.
Problem:
Hackers/scammers are using bots to create accounts with the victims' email addresses, triggering thousands of random small websites and web storefronts to send legitimate welcome emails to the victim. The scammers then use Teams to contact the victims, pretending to be IT Support and offering to help fix the problem.
Solution:
Ignore or delete the emails in Junk, or clear out the Junk folder (these emails are technically legitimate but garbage), and watch for suspicious contact attempts. Report any such attempts to the Service Desk at once, so that IT can block the domains that the scammers are using.
Service Desk Process:
Create an Incident ticket under Security Incident | Malicious Activity | Denial of Service and document details. If multiple tickets arise, create a Problem ticket and associate all incidents with the problem ticket. Escalate immediately to Brian Semrau, Patrick Stefanski, Dan Wirkus or Kevin Regan, in that order, through immediate-response channels like Teams Chat or Phone until someone responds and can investigate.
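For investigators, the pattern described under Symptom and Problem (a burst of signup mail from many unrelated domains, then an outside Teams contact to the same user) can be checked in exported logs. The following Python is an added example, not part of this article's process or any product's code; the record layout, thresholds, signup keywords and the example.org tenant domain are assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Assumed thresholds and tenant domain (not from the article); tune per environment.
FLOOD_WINDOW = timedelta(minutes=30)
FLOOD_MIN_DOMAINS = 20
FOLLOWUP_WINDOW = timedelta(hours=4)
INTERNAL_DOMAIN = "example.org"
SIGNUP_WORDS = ("welcome", "confirm your", "verify your", "thanks for signing up")

def find_floods(mail_events):
    """Return {recipient: flood_start} for mailboxes that received signup-style
    mail from many distinct sender domains inside FLOOD_WINDOW."""
    per_rcpt = defaultdict(list)
    for ts, rcpt, sender, subject in sorted(mail_events):
        if any(w in subject.lower() for w in SIGNUP_WORDS):
            per_rcpt[rcpt].append((ts, sender.rsplit("@", 1)[-1].lower()))
    floods = {}
    for rcpt, hits in per_rcpt.items():
        start = 0
        for end in range(len(hits)):
            # Slide the window start forward until it spans at most FLOOD_WINDOW.
            while hits[end][0] - hits[start][0] > FLOOD_WINDOW:
                start += 1
            if len({d for _, d in hits[start:end + 1]}) >= FLOOD_MIN_DOMAINS:
                floods[rcpt] = hits[start][0]
                break
    return floods

def correlate(mail_events, chat_events):
    """Flag external Teams contacts that reach a flooded user soon after the flood."""
    floods = find_floods(mail_events)
    alerts = []
    for ts, rcpt, caller in chat_events:
        start = floods.get(rcpt)
        external = not caller.lower().endswith("@" + INTERNAL_DOMAIN)
        if start is not None and external and start <= ts <= start + FOLLOWUP_WINDOW:
            alerts.append((rcpt, caller, ts))
    return alerts

# Constructed sample data: (time, recipient, sender, subject) and (time, recipient, caller).
T0 = datetime(2024, 1, 15, 9, 0)
MAIL = [(T0 + timedelta(seconds=30 * i), "user@example.org",
         f"noreply@shop{i}.example", "Welcome to our store!") for i in range(40)]
MAIL.append((T0, "other@example.org", "news@vendor.example", "Welcome aboard"))
CHATS = [
    (T0 + timedelta(minutes=45), "user@example.org", "helpdesk@it-support.example"),
    (T0 + timedelta(minutes=50), "user@example.org", "colleague@example.org"),
    (T0 + timedelta(minutes=55), "other@example.org", "sales@partner.example"),
]
```

Running `correlate(MAIL, CHATS)` on the constructed data flags only the external "helpdesk" contact to the flooded mailbox; the caller domains it returns are candidates for the block list mentioned under Solution.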