SCAM OF THE WEEK: Fake Firing, Real Malware

Suddenly losing your job can be very stressful, and cybercriminals are trying to use this to their advantage. In this week’s scam, cybercriminals send you what appears to be an email from the UK Employment Tribunal. The email states that the tribunal is taking action against you, lists a case number, and contains a job termination notice. The email then states that you must download and reply to a document or face serious legal consequences.

The email seems alarming. However, clicking the download button doesn’t lead to any documents. Instead, it leads you to a fake Microsoft page that will infect your computer with malware. This malware is designed to steal the user credentials that you use to log in to financial websites. Your job was never at risk, but now your computer and financial information have been compromised by the malware. The cybercriminals now have access to your personal data!

Follow these tips to avoid falling victim to a phishing scam:

• While this scam targets users in the UK, remember that scammers can use similar techniques in any country. Contact your manager or human resources department for verification if you receive any unexpected emails about your employment.
• Always check the sender’s email address. Be wary of any inconsistencies in the email address, such as misspellings or odd characters.
• Watch out for a sense of urgency in emails. Phishing attacks play on your emotions to try and make you act impulsively. Always stop and think before you click!

The KnowBe4 Security Team

December 13, 2024