BITSIGHT reported:
Click to read the original article here.
Clone phishing is a technique in which attackers resend a previously legitimate email with malicious links or attachments substituted for the original content. Familiarity with the message significantly increases the likelihood of user interaction.
During business email compromise investigations, attackers have cloned genuine invoice and document-sharing emails exchanged between vendors and finance teams. The malicious version often includes minimal changes and a short note explaining the resend.
Red flags:
- Unexpected resends or updates.
- Minor sender address changes or domain variations.
- Links that do not match displayed text.
- Tone inconsistent with the original sender.
- Unexplained urgency.
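Two of the red flags above (sender domain variations, links that do not match displayed text) can be checked by comparing a resend with the genuine message it repeats. The sketch below is an added example, not from the original article; the function names, the 0.8 similarity threshold and the sample messages with their domains are assumptions made for illustration.

```python
from difflib import SequenceMatcher
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

class LinkParser(HTMLParser):
    """Collect (href, visible text) pairs from an HTML body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host(url):  # lower-cased hostname; the scheme is optional
    return (urlparse(url if "//" in url else "//" + url).hostname or "").lower()

def parse(raw):
    """Return (sender domain, [(href, text), ...]) for a single-part HTML mail."""
    msg, parser = message_from_string(raw), LinkParser()
    parser.feed(msg.get_payload())
    return parseaddr(msg["From"])[1].rpartition("@")[2].lower(), parser.links

def clone_flags(original_raw, resend_raw):
    """Compare a resend against the genuine message it claims to repeat."""
    (d_old, l_old), (d_new, l_new) = parse(original_raw), parse(resend_raw)
    flags = []
    if d_old != d_new and SequenceMatcher(None, d_old, d_new).ratio() >= 0.8:
        flags.append("lookalike sender domain")  # 0.8 is an assumed threshold
    if any(t.lower().startswith(("http://", "https://", "www.")) and host(t) != host(h) for h, t in l_new):
        flags.append("link text does not match target")
    if {host(h) for h, _ in l_new} - {host(h) for h, _ in l_old}:
        flags.append("link host absent from original")
    return flags

# Constructed sample messages (not real traffic); the domains are made up.
ORIGINAL = ("From: AP <billing@vendor-example.com>\nSubject: Invoice 1042\n"
            "Content-Type: text/html\n\n"
            '<a href="https://portal.vendor-example.com/inv/1042">'
            "https://portal.vendor-example.com/inv/1042</a>")
CLONE = ORIGINAL.replace("@vendor-example.com", "@vendor-examp1e.com").replace(
    'href="https://portal.vendor-example.com', 'href="https://portal.vendor-examp1e.com')
```

Calling `clone_flags(ORIGINAL, CLONE)` reports all three flags, while comparing the original with itself reports none.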
Key Takeaway: Fraudsters are intercepting real emails, so check reply emails as diligently as new emails.
Enroll in Training Sessions: Last Thursday of Every Month is Training on Frauds and New Scam Alerts and How to Combat
