Digwatch reported:
A job-themed phishing attack exploits spoofed Google Forms domains to harvest login information from victims.
Attackers are using a spoofed domain, forms.google.ss-o[.]com, to mimic the legitimate Google Forms service and trick victims into signing in.
Users are advised to avoid clicking unsolicited job links, verify opportunities through official channels, and enable multi-factor authentication. Password managers and real-time anti-malware tools can also reduce exposure to credential theft.
Click to read the original article here.
A job-themed phishing attack exploits spoofed Google Forms domains to harvest login information from victims.
Attackers are using a spoofed domain, forms.google.ss-o[.]com, to mimic the legitimate Google Forms service and trick victims into signing in.
Users are advised to avoid clicking unsolicited job links, verify opportunities through official channels, and enable multi-factor authentication. Password managers and real-time anti-malware tools can also reduce exposure to credential theft.
Click to read the original article here.
Key Takeaway: Find the company page and check for available jobs via their legitimate site. Then follow instructions to apply. If internal, apply via your corporate intranet.
Enroll in Training Sessions: Last Thursday of Every Month is Training on Frauds and New Scam Alerts and How to Combat
Enroll in Training Sessions: Last Thursday of Every Month is Training on Frauds and New Scam Alerts and How to Combat