In a recent phishing email scam, cybercriminals use vague financial terms that attempt to make you curious enough to click the attachment in the email. The subject of the email is “Remittance Summary,” and the malicious attachment is named “Payment Advice.” The body of the email only says, “Find attached payment advice for remittance.. Kindly revert.” The sender of the email appears to be legitimate, but it is actually sent from a fake sender address. If you download the PDF file, the malware will begin installing on your computer.
The attached malware is designed to gather sensitive information from your device. It can find personal data stored in your web browser, such as login credentials. It can also install a keylogger, which is a type of malware that records every key pressed on your keyboard. Whenever you enter your username and password, the keylogger can record exactly what you’ve typed and send it directly to the cybercriminals.
Follow these tips to avoid falling victim to a financial phishing scam:
Be skeptical. If an email looks suspicious or contains unusual grammatical errors, immediately report it to your organization.
Check the email address carefully. Cybercriminals will often use email addresses that appear very similar to legitimate senders.
Never download unexpected attachments. If you’re not expecting an attachment or the email is from someone that you don’t know, don’t open it.
The KnowBe4 Security Team
KnowBe4.com