Cyber criminals are always looking for new ways to trick and catch victims – and they keep getting smarter and smarter. A new phishing scam is unusually sneaky and uses a highly trusted brand name to gain access to data.
Targets are sent a seemingly authentic email appearing to be from a commonly used e-signature platform. A blank image is attached to the email with empty files discreetly encoded inside an HTML attachment (hang in with us here).
In a nutshell – the scam is very sneaky. The malicious code is so well hidden that some anti-virus software isn’t catching the treat.
This hidden code sends people to a malicious website – which would put your business at risk.
If any of your employees were to open the attachment, they could end up installing malware without even knowing it – and it can then be spread from their devices into your network. This makes your data at risk of being exposed and leaves you vulnerable to a ransomware attack.
There have been a lot of attacks utilizing HTML attachments recently – and they’re targeting small and medium sized businesses. So, it’s important for companies to take action in order to stay ahead of cyber criminals.
If you or any of your people use software to sign documents electronically, double-check to make sure an email is genuine before opening an attachment (we always recommend taking this precaution before opening any attachments regardless). Keep in mind that cyber criminals choose to impersonate a trusted name for a reason.
Additionally, you can prevent employees from receiving – and being exposed to – these phishing scams by blocking all emails with this particular type of attachment.
If you’d like help implementing these or any other additional security measures, or would like to talk with one of our cybersecurity experts for further advice, contact us.
Published with permission from Your Tech Updates.
