Connect with us

Hi, what are you looking for?

HEADLINES

What company employees should know about fake notifications about account security

In general, it’s best to keep phishing emails out of employee inboxes altogether. Ideally, they (plus all other unwanted correspondence, including spam, messages with malicious attachments and BEC-related emails) should be intercepted at the mail gateway level.

Most online services have a built-in security system that alerts you when it detects “unusual” activity on your account. For example, services send notifications about attempts to reset the phone number and email address linked to the account, or the password. Of course, as soon as such messages became commonplace, enterprising cybercriminals tried to imitate this mechanism to attack corporate users.

Example of a fake notification

If it’s a public online service attackers they will usually make every effort to create exact copies of a real message. However, if attackers are hunting for access to an internal system, they often have to use their imagination as they might not know how the email should appear.

Real example of a fake notification about a change of phone number

Everything about this message looks ridiculous, from the incorrect language to the rather dubious logic — it seems to be at once about linking a new phone number and about sending a password reset code. Nor does the “support” e-mail address lend credibility to the message: there is no plausible reason why a support mailbox should be located on a foreign domain (let alone a Chinese one).

The attackers are hoping that their victim, fearing for the security of their account, will click the red DON’T SEND CODE button. Once done, they’re redirected to a website mimicking the account login page, which, as you’d imagine, just steals their password. The hijacked mail account can then be used for BEC-type attacks or as a source of information for further attacks using social engineering.

Advertisement. Scroll to continue reading.

What to explain to company employees

To minimize the chances of cybercriminals getting their hands on employees’ credentials, communicate the following to them:

  • Never click on links in automatic security notifications, whether real looking or not.
  • On receiving a notification, check the security settings and linked details, do so by opening the website in the browser manually.
  • A clumsily worded notification (as in the example) is best ignored and deleted.
  • If the notification looks real, notify the IS service or security officer; it may be a sign of a targeted attack.

How to protect company employees from phishing

In general, it’s best to keep phishing emails out of employee inboxes altogether. Ideally, they (plus all other unwanted correspondence, including spam, messages with malicious attachments and BEC-related emails) should be intercepted at the mail gateway level. To combat these very threats, we have recently updated our email protection solution for gateways. Learn more on the Kaspersky Secure Mail Gateway page.

Advertisement
Advertisement
Advertisement

Like Us On Facebook

You May Also Like

HEADLINES

In rigorous evaluations conducted by prestigious cybersecurity testing organizations, Kaspersky Plus (starting in Q4 2024, Kaspersky Premium), Kaspersky Endpoint Security for Business (KESB), and...

HEADLINES

"Given the Philippines' high exposure to cyber threats, it's important for both individuals and businesses to stay vigilant," said Adrian Hia, Managing Director for...

White Papers

When compared to 2023, Sophos saw a 51% increase in abusing “Living off the Land” binaries or LOLbins; since 2021, it’s increased by 83%.

HEADLINES

Someone illegally acquires or uses personal information such as bank account or credit card numbers of another person to obtain money, goods or services....

HEADLINES

To stay ahead of these challenges, organizations need to invest in AI-driven defenses, transition to quantum-safe encryption, and adopt a Zero Trust approach to...

HEADLINES

There was a 121% Year-on-Year (YoY) increase in identity fraud in 2024 across the region, with significant surges recorded in Singapore (207%), Thailand (206%)...

HEADLINES

As part of RCBC’s 2024 Cybersecurity literacy program, the webinar aims to help Filipinos level up their online banking safety by providing them with...

White Papers

The survey found that CXO’s feel less prepared than their global peers. Less than half or 48% in APAC said they felt completely prepared...

Advertisement