Researchers are warning of a new phishing attack that purports to send coronavirus training resources to employees who are returning to the workplace, as COVID-19 lockdowns lift. The recent phishing campaign leverages novel training programs that are required for employees in the workplace to comply with coronavirus regulations. The campaign, targeting Office 365 users, sends an email that includes a link to register to the training: “COVID-19 Training for Employees: A Certificate for Health Workplaces.” Instead of a legitimate sign-up page, however, it instead directs users to a malicious link, where they are asked to input their credentials (at the moment that link is inactive), according to a new report from Check Point Research.
Experts Comments
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.
Be part of our growing Information Security Expert Community (1000+), please register here.
Linkedin Message
@Javvad Malik, Security Awareness Advocate, provides expert commentary at @Information Security Buzz.
"It is vital that organisations continually keep employees abreast of what the ongoing situation is, and how to expect communication...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/office-365-users-targeted-by-coronavirus-employee-training-phish
Facebook Message
@Javvad Malik, Security Awareness Advocate, provides expert commentary at @Information Security Buzz.
"It is vital that organisations continually keep employees abreast of what the ongoing situation is, and how to expect communication...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/office-365-users-targeted-by-coronavirus-employee-training-phish