A new ruse
This week, phishing attacks targeting individual users and small businesses have been making the rounds with a new hook. Hoping to coax users into providing them with passwords or infecting computers with malware, these malicious cybercriminals have designed tax-related emails that look eerily authentic. In the midst of tax season, one may not think twice about an email requesting additional information. However, the IRS will never make initial contact with you via phone or email.
Cybercriminals are becoming increasingly savvy. By sending users Office 365 files requesting additional information, they’re counting on users being overly comfortable with a trusted file type. Files that appear to be saved in Microsoft Word or Excel, have lead users to open the infected files without a second thought. Be on the lookout for any emails asking for additional information with attached files like “taxletter.doc” or “2300CAD”. Even a simple request to call a representative on a direct line is fraudulent.
How does it work?
Once the document has been opened, your first line of defense has been bypassed. A simple click of the mouse to open the attached file allows a password stealer will run in the background. This only takes moments to infiltrate a user’s defenses and the signs you have been affected may not be immediate. People might not always see drastic changes when their devices are compromised. Be on the lookout for small changes like programs running slower, random crashes, or new icons installed on your desktop.
What do I do if I have compromised my network?
If your network may have been opened to these cyber criminals, make sure to turn off your computer immediately and contact your network administrator right away.
How do we protect our business from threats?
Utilizing software such as advance business security with Bitdefender GravityZone will allow your business to stay ahead of any security threats.