Dark Reading reported:
The Phishing Defense Center (PDC) released a report this week shedding light on one phishing campaign in which threat actors impersonated the HR department, exploiting the trust users place in their employers.
By sending deceptive emails, the perpetrators aimed to deceive unsuspecting individuals into clicking on a link purportedly for submitting their annual vacation requests.
This version of a business email compromise (BEC) threat represents the evolution of travel-focused phishing campaigns, the firm said. Clicking the link in the fake HR communication results in a login prompt overlaying the victim’s corporate home page, which was detected and automatically generated from their email address in the URL
Find the original article and read more here.
Enroll in Training Sessions: Last Thursday of Every Month is Training on Frauds and New Scam Alerts and How to Combat
The Phishing Defense Center (PDC) released a report this week shedding light on one phishing campaign in which threat actors impersonated the HR department, exploiting the trust users place in their employers.
By sending deceptive emails, the perpetrators aimed to deceive unsuspecting individuals into clicking on a link purportedly for submitting their annual vacation requests.
This version of a business email compromise (BEC) threat represents the evolution of travel-focused phishing campaigns, the firm said. Clicking the link in the fake HR communication results in a login prompt overlaying the victim’s corporate home page, which was detected and automatically generated from their email address in the URL
Find the original article and read more here.
Enroll in Training Sessions: Last Thursday of Every Month is Training on Frauds and New Scam Alerts and How to Combat