Archive for KnowBe4

KnowBe4 Scam of the Week: Fake Financial File Phishing

In a recent phishing email scam, cybercriminals use vague financial terms to make you curious enough to click the attachment in the email. The subject of the email is “Remittance Summary,” and the malicious attachment is named “Payment Advice.” The body of the email only says, “Find attached payment advice for remittance.. Kindly revert.” The sender appears to be legitimate, but the email is actually sent from a fake sender address. If you download the PDF file, the malware will begin installing on your computer.

The attached malware is designed to gather sensitive information from your device. It can find personal data stored in your web browser, such as login credentials. It can also install a keylogger, which is a type of malware that records every key pressed on your keyboard. Whenever you enter your username and password, the keylogger can record exactly what you’ve typed and send it directly to the cybercriminals.  
 
Follow these tips to avoid falling victim to a financial phishing scam:

  • Be skeptical. If an email looks suspicious or contains unusual grammatical errors, immediately report it to your organization.
  • Check the email address carefully. Cybercriminals will often use email addresses that appear very similar to legitimate senders.
  • Never download unexpected attachments. If you’re not expecting an attachment or the email is from someone that you don’t know, don’t open it.

The KnowBe4 Security Team
KnowBe4.com

SCAM OF THE WEEK: Invitation to a Malware Party

Cybercriminals recently targeted European diplomats by impersonating representatives for the ambassador of India. They each received a fake invitation to an exclusive wine-tasting party, but the invitation was actually a trick to install malware onto their devices. This type of scam could be used to target anyone, so let’s take a closer look at how it worked.

The scam starts with a simple phishing email that includes an attached PDF file. The PDF file is a convincing invitation to a party, complete with official-looking letterhead and contact information. The invitation asks you to complete a questionnaire in order to reserve your spot. If you click the questionnaire link, you are redirected to a website that automatically downloads malware onto your device. Once installed, the malware hides on your device and sends data back to the cybercriminals. 
 
Follow the tips below to stay safe from similar scams:

  • Be cautious of unexpected and exciting opportunities. Remember, if something seems too good to be true, it probably is!
  • When you receive an email or invitation, stop and look for red flags. Consider the timing of the invitation and look for any spelling or grammatical errors.
  • Never click a link or download an attachment in an email that you weren’t expecting.

Fraudulent Phone Calls: Some people are receiving calls that appear to come from ACT 1st. They are trying to scam you into giving personal and/or financial information. If you receive a call like this, do not give out information and report it to us.