Eric Howes,  KnowBe4 Principal Lab Researcher observed:

“Here is a screenshot of a email that came in Friday. In it the attempt to apply the same modus operandi currently bring used to hijack victims’ paychecks to go after their savings.

Benefits Withdrawal-1  - Benefits 20Withdrawal 1 - [ALERT] Now The Bad Guys Are Phishing For Your Retirement Money

In this phish the bad guys are spoofing the President and CEO of the company. The recipient is the company’s Benefits Manager.

I suspect the bad guys will find this confidence scam doesn’t work in nearly as straightforward a fashion as the paycheck-hijack scheme. But even when these kinds of phishing attacks don’t succeed, they still offer an opportunity for malicious actors to gather intelligence, learn from the unwitting with whom they communicate, and refine their approach.

It took the bad guys a few months to develop a viable social engineering scheme for snatching employees’ paychecks. But they have it down now, and “direct deposit” phishes are a standard component of the daily mix of malicious emails reported to us with the PAB — right up there with other forms of CEO fraud, including iTunes gift card phishes, wire fraud phishes, and W-2 phishes.

So, this is just the beginning. Unfortunately, some folks will likely see their retirement accounts cleaned out before their organizations finally start to take the threat of CEO fraud phishing seriously.”


Find out how affordable new-school security awareness training is for your organization. Get a quote now.

 

Get A Quote  - a8252926 7187 4c02 9dd4 933c17d712b1 - [ALERT] Now The Bad Guys Are Phishing For Your Retirement Money
Request A Demo  - 2af0f76d 67ca 4454 9896 5cb1da9b1f50 - [ALERT] Now The Bad Guys Are Phishing For Your Retirement Money

 



Source link
Based Blockchain Network

LEAVE A REPLY

Please enter your comment!
Please enter your name here