Crane Hassold, Director of Threat Intelligence at Abnormal Security, is seeing bad actors exploit the transition to the new year by sending out phishing campaigns containing themes of updated human resources (HR) policy announcements to steal employee credentials.
Abnormal Security has looked at campaigns incorporating these themes, and has published a report discussing why the content of these phishing attacks could result in a higher success rate, and providing recommendations about how organizations can better protect themselves from similar attacks.
- The first link-based attack imitated a company HR email that announced the release of a new employee handbook, which included a link to a phishing page meant to steal an employee’s name and email credentials.
- The second payload-based phishing attack posed as an announcement from the company HR team about updates to the company’s benefits package and requested the recipient review a supposed updated handbook, which opened a phishing page to steal account credentials.
You can read the full report here.
Like this:
Like Loading...
Related
This entry was posted on January 19, 2023 at 9:02 am and is filed under Commentary with tags Abnormal Security. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
New Phishing Attacks Pose As Updated HR Policy Announcements In The New Year
Crane Hassold, Director of Threat Intelligence at Abnormal Security, is seeing bad actors exploit the transition to the new year by sending out phishing campaigns containing themes of updated human resources (HR) policy announcements to steal employee credentials.
Abnormal Security has looked at campaigns incorporating these themes, and has published a report discussing why the content of these phishing attacks could result in a higher success rate, and providing recommendations about how organizations can better protect themselves from similar attacks.
You can read the full report here.
Share this:
Like this:
Related
This entry was posted on January 19, 2023 at 9:02 am and is filed under Commentary with tags Abnormal Security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.