Employees Targeted By Hackers Posing As HR Department

November 12, 2019

Written by wukovits

Just when you think scammers couldn’t get any lower, they find new ways to prove you wrong.  Recently, a new phishing scam has been spotted in the wild, this one baiting potential victims with the possibility of pay raises.

The scammers structured their email so that they appeared to come from the Human Resources department of their victims’ companies.

They asked the recipient of their phishing email to open an Excel spreadsheet bearing the name “salary-increase-sheet-November-2019.xls.”  A shortcut to the remotely hosted spreadsheet was naturally provided.

The body of the email explained that “The Years Wage increase will start in November 2019 and will be paid out for the first time in December, with recalculation as of November.”  Needless to say, this tends to catch most people’s attention.  After all, who doesn’t want a raise, right?

If a recipient clicked on the link, he or she would then be asked to provide Office 365 login credentials in order to see the file.  Of course, the file contains dummy data and has nothing to do with getting a raise; it’s simply a useful hook to get an unwitting user to hand over their credentials.

The scammers not only constructed a convincing looking email, but the Office 365 login screen looks exactly like a legitimate login screen. This goes far in explaining the campaign’s unusually high success rate.

The researchers who have been following the issue urge Office 365 users to enable multi-factor authentication via Office 365 or a third-party solution. They also encourage business owners to enroll their staff in phishing awareness training programs designed to help employees spot and report phishing attempts more easily.

Be on high alert for this one.  So far it has proved to be a highly effective campaign.

Used with permission from Article Aggregator

Bayou Tech

We provide solutions for your business. Find out how we can help.

Related Articles

Some Amazon Device Features May Have Security Risks

Have you heard of Amazon Sidewalk? If not, it's definitely something you should be aware of. Depending on your point of view, the new feature, which was enabled by default on a wide range of Amazon devices by default on June 8 of this year (2021) is either...

Email Unsubscribe Scam Can Easily Fool Any User

Scammers are increasingly relying on a tried and true bit of social engineering to fool unsuspecting users into unwittingly signing up to receive a flood of additional spam email. They accomplish this by blasting out an email asking recipients if they wish to...

Update VMWare Software Immediately To Avoid Possible Attack

The US Cybersecurity and Infrastructure Security Agency recently issued a warning to all companies running VMware Vcenter Server and VMware Cloud Foundation. They are asking them to download and apply the latest security patches as soon as possible because attackers...

Send us a message

Your message was sent.