Don’t fall victim of a spear-phishing attack!
Cybercriminals are targeting companies with campaigns designed to steal employees’ personal data, frequently through targeted emails claiming to come from within the company. These emails are crafted to look very legitimate to the untrained eye.
This kind of scam, which is called spear-phishing, can trick the unwary employees into divulging sensitive information. This kind of attack was seen late last month when Snapchat was snared by a targeted email that appeared to come from the Snapchat CEO and requested data on current and past employees.
This is a slightly different twist on the regular phishing emails, but equally dangerous to employers and employees alike.
The reason the crooks want to steal employee data, as opposed to customer data, is that companies hold all of the relevant information on their employees that crooks can use to file fraudulent returns, usually all stored in one form called a W-2. With the W-2 information, the criminals can file tax refund requests and have checks mailed out to them by the IRS.
Two other big companies have fallen prey to spear-phishing attacks targeting employee data in the past couple of weeks, although there is no evidence at the moment that links them to one another.
Mansueto Ventures, which publishes the business magazines Fast Company and Inc., was hit by a spear-phishing campaign targeting Mansueto Ventures employee payroll information, according to Business Insider (BI).
Seagate, a data storage company, was also phished by hackers seeking employee data for tax fraud, according to security blogger Brian Krebs.
In previous months, we’ve learned of other spear-phishing attacks are Domain Registration company ‘Rightside’ and even at security consulting company ‘KnowBe4’, whose CEO detected the phishing attempt and blocked it.
Locally, a spear-phishing attack was reported to us by one of our customers – the Greeley Healthcare Company was also on the ball and able to detect that “something wasn’t right” about the email before acting on it in a way that might have compromised their security, their bank accounts or those of their employees.