Secretary of the State Stephanie Thomas issued a warning Monday for businesses in the state to be aware of a malicious email that claims to be from the Connecticut Business Registry.
Already a Subscriber? Log in
Get Instant Access to This Article
Subscribe to Hartford Business Journal and get immediate access to all of our subscriber-only content and much more.
- Critical Hartford and Connecticut business news updated daily.
- Immediate access to all subscriber-only content on our website.
- Bi-weekly print or digital editions of our award-winning publication.
- Special bonus issues like the Hartford Book of Lists.
- Exclusive ticket prize draws for our in-person events.
Click here to purchase a paywall bypass link for this article.
Secretary of the State Stephanie Thomas issued a warning Monday for businesses in the state to be aware of a malicious email that claims to be from the Connecticut Business Registry.
According to the warning, the email contains a malicious Team OpenSign link that prompts the user to review and sign an undisclosed digital document.
In a copy of the email provided by the Secretary of the State’s office, the email is from “director@department-admin.info, and the subject line states:” The Office of the Secretary - Connecticut Business Registry has requested you to sign Connecticut Business Registry.”
The body of the email states that the “Office of the Secretary - Connecticut Business Registry has requested you to review and sign Connecticut Business Registry. Your signature is crucial to proceed with the next steps as it signifies your agreement and authorization.” The email then provides a link labeled as “Sign here.”
This type of attack is known as "spoofing," where the sender changes the "from" address to make the email appear to come from a legitimate source — in this case, the Office of the Secretary of the State.
The intent is to trick users into clicking malicious links that can download malware, reveal sensitive information to cybercriminals such as login credentials, or request money transfers.
"Cybercriminals are getting more sophisticated, and it’s critical that businesses stay alert," Thomas said in a statement.
She added that her office will never send unsolicited documents for signature.
Thomas said emails from her office will always come from an @ct.gov email address.
In addition, all standard email applications allow recipients to see the real sender by hovering over or clicking on the “from” address. If doing that reveals an address that is not @ct.gov, the email does not come from the state and should not be trusted.
Even if the email appears to be official, Thomas added, criminals can still trick someone by using a similar-looking address, such as @cct.gov or @ct-gov.org, hoping the difference won't be noticed.
All official business filings can be accomplished by visiting business.ct.gov and logging in, she said. If a link appears to be suspicious, even in an email from @ct.gov, do not click it, she added.
