So, here’s a new phish: see these fresh screen shots from emails reported to us through the free KnowBe4 Phish Alert Button. Bad guys spoof the managing partner and CPA and an accounting & consulting firm and ask an employee for the  “Cash/Bank Statement Reconciliation” for June of this year.

Cash_Bank_Statement  - Cash Bank Statement - *Another* New CEO Fraud Phishing Wrinkle

Now, it’s not immediately clear what the bad guys could could with the data from such a statement, but this may simply be a first step of a one-two punch that is meant to establish credibility. The next step would be a malicious request for salary payment records like a pay stub that allow the bad guys to change bank accounts for direct deposit salary payment to accounts they control.

Here is another variant, where the employee seems to be willing to comply:

month_end_statement  - month end statement - *Another* New CEO Fraud Phishing Wrinkle

 

Watch out for this new type of CEO fraud, and train your accounting team to not fall for spoofed social engineering attacks like this!


Free Phish Alert Button

When new spear phishing campaigns hit your organization, it is vital that IT staff be alerted immediately. One of the easiest ways to convert your from potential targets and victims into allies and partners in the fight against cybercrime is to roll out KnowBe4’s free Phish Alert Button to your employees’ desktops. Once installed, the Phish Alert Button allows your users on the front lines to sound the alarm when suspicious and potentially dangerous emails slip past the other layers of protection your organization relies on to keep the bad guys at bay.

Get your Phish Alert Button  - 382f9cb5 6469 43da 9863 6aa99e878434 - *Another* New CEO Fraud Phishing Wrinkle

Don’t like to click on redirected links? Cut & Paste this link in your browser:

https://www.knowbe4.com/free-phish-alert



Source link
Based Blockchain Network

LEAVE A REPLY

Please enter your comment!
Please enter your name here