Kaspersky Warns of HR Credential Scams on the Rise - IT News Africa | Business Technology, Telecoms and Startup News

  • 📰 ITNewsAfrica
  • ⏱ Reading Time:
  • 59 sec. here
  • 2 min. at publisher
  • 📊 Quality Score:
  • News: 27%
  • Publisher: 59%

Business News News

Business Business Latest News,Business Business Headlines

cybercriminals have been resorting to sending fake HR emails to employees with the aim of acquiring corporate credentials. kaspersky revealed a concerning trend over the European summer months. Cybersecurity Scams DataSafety InternetSecurity 👇👇

Their deceptive strategy revolves around enticing employees to click on phishing links embedded in these emails. The attackers craft their messages around vacation schedules, often using tactics such as sudden rescheduling, date confirmations, or conflicts with important events. Given that many employees have already made travel arrangements, including purchasing tickets and booking hotels, they are more susceptible to falling prey to such scams.

An example of a fraudulent email demonstrates the intricacies of these deceptive schemes. Upon closer examination, it becomes evident that the sender is not an authentic company employee. The “HR director” who “signed” the email remains nameless, and the signature does not align with the organization’s corporate style. Furthermore, the link, seemingly leading to a PDF file, is actually associated with a completely different address.

It is evident that the attackers possess only the recipient’s email address. They employ automated mass mailing tools that extract the company’s domain name and the employee’s name from the address. These details are then used to impersonate the link and the sender’s signature. Even if the victim unwittingly clicks the phishing link, there are still indications of fraud on the attackers’ websites. The fake site, designed to steal credentials, is hosted on Huawei Cloud rather than the company’s official server. Moreover, the name of the file on the site does not correspond to the PDF mentioned in the email. The absence of any attributes connecting the site to the specific company further raises suspicions.

 

Thank you for your comment. Your comment will be published after being reviewed.
Please try again later.
We have summarized this news so that you can read it quickly. If you are interested in the news, you can read the full text here. Read more:

 /  🏆 27. in BUSİNESS

Business Business Latest News, Business Business Headlines