When this email arrived, the CSO editorial staff questioned it immediately (Read the full story here). First, none of us had heard of Fiserv before, and Pat Evans was the name of an unknown person. The message itself is addressed to the main editorial team, but it's also addressed to addresses that none of us had ever seen before.

The email's subject, simply telling us that there is some sort of scanned file being forwarded, is another red flag. Who would be scanning files and sending them to us? Why would anyone do that and not tell us to expect said scans? Finally, the email has a ZIP attachment, which is a known potentially malicious file type, along with DOC, XLS, EXE, and PDF.

