Skip to main content

Beware - that email from HR might be a cyber scam

Remote workers are being targeted by a wide-ranging new online scam looking to steal business logins.

Researchers at security firm Cofense have uncovered a phishing campaign masquerading as emails from HR departments.

The scam targets employees who are still getting used to working from home, tricking them into giving away credentials such as login details through fake remote working enrolment forms.

Fake HR

Cofense found that the hackers were exploiting the popular Microsoft Sway application to steal credentials and host phishing websites. 

Sway is a free application from Microsoft that allows employees to generate documents such as newsletters and presentations and is commonly used by professionals to conduct their regular day to day work tasks.

The criminals used this service to create and send out emails containing subject lines such as ‘Employee Enrollment Required’ and ‘Remote Work Access.' Claiming to come from "Human Resources", and phrased to resemble official internal communications the email asks the recipient to click on a link to enroll in an remote working policy.

However clicking on this link sends the victim to a fake phishing site, where their credentials are stolen and potentially sold on.

Cofense says it has detected multiple instances of such scams, and warns that as they often used legitimate domains and URLs, these campaigns went undetected for a long periods of time, which could mean a large number of accounts were compromised.

"As employees have rapidly shifted to remote working, threat actors have started to look at ways they capitalize on the COVID-19 pandemic to spoof new corporate policies and legitimate collaboration tools to harvest valuable corporate credentials, a trend we anticipate will only continue to gain steam in the foreseeable future," Kian Mahdavi from the Cofense Phishing Defense Center wrote in a blog explaining the threats.

Cofense recommends employees take extra care when reading all emails, even those claiming to come from their employer, and check links by hovering their cursor above the hyperlinked text to ensure it is directing them to a legitimate site.



from TechRadar - All the latest technology news https://ift.tt/3529KRo
Labels:

Comments

Post a Comment

Popular posts from this blog

TalentLMS

 
Post a Comment
Read more

Airship acquires SMS commerce company ReplyBuy

Airship is announcing that it has acquired mobile commerce startup ReplyBuy . The startup (which was a finalist at TechCrunch’s 1st and Future competition in 2016) works with customers like entertainment venues and professional and college sports teams to send messages and sell tickets to fans via SMS. It raised $4 million in funding from Sand Hill Angels, Kosinski Ventures, SEAG Ventures, Enspire Capital, MRTNZ Ventures and others, according to Crunchbase . Airship, meanwhile, has been expanding its platform beyond push notifications to cover customer communication across SMS, email, mobile wallets and more. But CEO Brett Caine said this is the first time the company is moving into commerce. While sports and concerts tickets might not be a booming market right now, Caine suggested that the company is actually seeing increased purchasing activity “in and around the Airship platform” as businesses try to drive more in-app purchases. He also suggested that both the COVID-19 pandem...
Post a Comment
Read more