Kaspersky Warns of HR Credential Scams on the Rise - IT News Africa | Business Technology, Telecoms and Startup News

  • 📰 ITNewsAfrica
  • ⏱ Reading Time:
  • 59 sec. here
  • 2 min. at publisher
  • 📊 Quality Score:
  • News: 27%
  • Publisher: 59%

Indonesia Berita Berita

Indonesia Berita Terbaru,Indonesia Berita utama

cybercriminals have been resorting to sending fake HR emails to employees with the aim of acquiring corporate credentials. kaspersky revealed a concerning trend over the European summer months. Cybersecurity Scams DataSafety InternetSecurity 👇👇

Their deceptive strategy revolves around enticing employees to click on phishing links embedded in these emails. The attackers craft their messages around vacation schedules, often using tactics such as sudden rescheduling, date confirmations, or conflicts with important events. Given that many employees have already made travel arrangements, including purchasing tickets and booking hotels, they are more susceptible to falling prey to such scams.

An example of a fraudulent email demonstrates the intricacies of these deceptive schemes. Upon closer examination, it becomes evident that the sender is not an authentic company employee. The “HR director” who “signed” the email remains nameless, and the signature does not align with the organization’s corporate style. Furthermore, the link, seemingly leading to a PDF file, is actually associated with a completely different address.

It is evident that the attackers possess only the recipient’s email address. They employ automated mass mailing tools that extract the company’s domain name and the employee’s name from the address. These details are then used to impersonate the link and the sender’s signature. Even if the victim unwittingly clicks the phishing link, there are still indications of fraud on the attackers’ websites. The fake site, designed to steal credentials, is hosted on Huawei Cloud rather than the company’s official server. Moreover, the name of the file on the site does not correspond to the PDF mentioned in the email. The absence of any attributes connecting the site to the specific company further raises suspicions.

Berita ini telah kami rangkum agar Anda dapat membacanya dengan cepat. Jika Anda tertarik dengan beritanya, Anda dapat membaca teks lengkapnya di sini. Baca lebih lajut:

 /  🏆 27. in İD
 

Terima kasih atas komentar Anda. Komentar Anda akan dipublikasikan setelah ditinjau.

Indonesia Berita Terbaru, Indonesia Berita utama