Someone I know (call them Darren Smith) recently received a rather odd email. It was sent to their personal email address, firstname.lastname@example.org. The “From” field had “Darren Smith” as the name in it, but the actual email address was email@example.com.
The text of the email is this:
NameOfDarren'sFriend, Are you free at the moment? Regards, Darren Smith
I have no idea what this could be, how whatever this is got the name of the person Darren knows, or how it got Darren’s original email address. Anyone have any insight as to what sort of attack this is, and what steps should be taken now?