Kaspersky Warns of HR Credential Scams on the Rise - IT News Africa | Business Technology, Telecoms and Startup News

  • 📰 ITNewsAfrica
  • ⏱ Reading Time:
  • 59 sec. here
  • 2 min. at publisher
  • 📊 Quality Score:
  • News: 27%
  • Publisher: 59%

Россия Новости Новости

Россия Последние новости,Россия Последние новости

cybercriminals have been resorting to sending fake HR emails to employees with the aim of acquiring corporate credentials. kaspersky revealed a concerning trend over the European summer months. Cybersecurity Scams DataSafety InternetSecurity 👇👇

Their deceptive strategy revolves around enticing employees to click on phishing links embedded in these emails. The attackers craft their messages around vacation schedules, often using tactics such as sudden rescheduling, date confirmations, or conflicts with important events. Given that many employees have already made travel arrangements, including purchasing tickets and booking hotels, they are more susceptible to falling prey to such scams.

An example of a fraudulent email demonstrates the intricacies of these deceptive schemes. Upon closer examination, it becomes evident that the sender is not an authentic company employee. The “HR director” who “signed” the email remains nameless, and the signature does not align with the organization’s corporate style. Furthermore, the link, seemingly leading to a PDF file, is actually associated with a completely different address.

It is evident that the attackers possess only the recipient’s email address. They employ automated mass mailing tools that extract the company’s domain name and the employee’s name from the address. These details are then used to impersonate the link and the sender’s signature. Even if the victim unwittingly clicks the phishing link, there are still indications of fraud on the attackers’ websites. The fake site, designed to steal credentials, is hosted on Huawei Cloud rather than the company’s official server. Moreover, the name of the file on the site does not correspond to the PDF mentioned in the email. The absence of any attributes connecting the site to the specific company further raises suspicions.

 

Спасибо за ваш комментарий. Ваш комментарий будет опубликован после проверки
Мы обобщили эту новость, чтобы вы могли ее быстро прочитать.Если новость вам интересна, вы можете прочитать полный текст здесь Прочитайте больше:

 /  🏆 27. in RU

Россия Последние новости, Россия Последние новости