Our website uses cookies to ensure a great experience. We also use third party cookies. To find out more about the cookies on our web site, please read our privacy policy. By continuing to use our website, you agree to the use of cookies. Continue
How Can We Help You? Request a Quote Today! Click Here

Exploiting the Coronavirus: Watch out for a Phony Form from HR

Tue, Dec 22, 2020 at 7:00AM

Exploiting the Coronavirus: Watch out for a Phony Form from HR

For many months, organizations across the globe have been working remotely due to the coronavirus pandemic. In a new phishing attack, the bad guys target your feelings of stress or excitement about returning to the office. 
 The phishing email resembles something that your human resources department might send about returning to the office. Attached to the email is an HTML file that includes your name in the file name. If you download and open this attachment, you’ll be taken to a file that is hosted on the file-sharing site, Microsoft SharePoint. According to the document, you must acknowledge the return to office policy by providing your username and password. If you enter your credentials here, the information will be sent directly to the bad guys and they’ll have the same access to your organization as you do.
 Don’t fall for this trick! Remember these tips:

  • This attack tries to exploit the uncertainty of going back to work in the office. Don’t let the bad guys toy with your emotions. Think before you click!
  • Never impulsively click on a link or download an attachment that you weren’t expecting, even if it appears to be from your own organization.
  • When in doubt, reach out to the sender by phone to confirm the legitimacy of the email before clicking a link or downloading an attachment.

 Stop, Look, and Think.


Don't be fooled.
The KnowBe4 Security Team

Bookmark & Share

User Comments

Be the first to comment on this post below!