Email Phishing 2 May 2020

Some users have reported receiving an email with the subject "Group reservation request".  This email contains a login button which leads to a fake SuperControl login page.

The login page is very convincing and could trick users into providing the credentials.  If you submit the fake login page then you will transmit your credentials to the attacker.

If you think that you have used the fake login please contact SuperControl support and change your password immediately using this guide.  The fake form doesn't seem to download malware.  This is just an attempt to harvest credentials.

If you use the same password for other websites or services then you should change these too.

The fake login page has a convincing URL ending with phobse.net.   Make sure to check the address in your browser.

SuperControl - Google Chrome

The genuine SuperControl login page shows just secure.supercontrol.co.uk as follows.

The email looks something like this.  SuperControl will never send you an email like this.