Do not trust the next email you receive from Human Resources: it could be a scam




We all receive emails from the human resources department at least once a day, and generally tend to ignore them. Scammers are now trying to take advantage of that. As the research and security firm Cofense found, scammers are trying to steal office credentials as part of a phishing campaign disguised as “Department of Human Resources” emails. This widespread scam is reportedly targeted at employees working from home during the shutdown phase.

Apparently, the email tricks them into revealing their login details by having them fill out a remote job registration form.


According to Cofense, hackers are exploiting Microsoft’s Sway application to obtain the credentials of the targeted employee. For those who don’t know, Sway is a free-to-use application that allows employees to create newsletters or presentations and is widely used by professionals on a daily basis. Attackers use it to send emails with compelling subject lines such as “Employee Enrollment Required” or “Remote Job Access” that claim to come from “Human Resources.”

The link in the email that supposedly leads to the form instead takes you to the phishing site, where the credentials can be stolen and possibly sold in the future. According to Cofense, since scammers often use legitimate domains and URLs, “these campaigns remained undetected for longer periods, likely leading to more compromised account credentials.”


Once the employee completes the form requesting their email ID and password and clicks “Submit,” the login details are sent to the threat actor.

Cofense encourages employees to read such emails carefully before clicking on links that may be malicious. Users can hover their mouse pointer over the link to see where it actually leads.
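The hover check can also be automated on the mail-filtering side. The following Python sketch is an added example, not code from Cofense or Microsoft: it flags messages that match the traits described above. The `triage` function name, the host `sway.office.com` for Sway-hosted pages, and the employer domain `example.com` are assumptions made for the example.

```python
from email import message_from_string, policy
from html.parser import HTMLParser
from urllib.parse import urlparse

LURE_SUBJECTS = ("employee enrollment required", "remote job access")  # from the article
SHARED_HOSTS = {"sway.office.com"}  # assumption: host that serves Sway pages
INTERNAL_DOMAIN = "example.com"     # hypothetical employer mail domain

class LinkCollector(HTMLParser):  # collects (href, visible text) for each <a>
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def triage(raw_message):
    """Return a list of reasons the message resembles the reported campaign."""
    msg = message_from_string(raw_message, policy=policy.default)
    findings = []
    if any(s in (msg["Subject"] or "").lower() for s in LURE_SUBJECTS):
        findings.append("subject matches a reported lure")
    for addr in (msg["From"].addresses if msg["From"] else ()):
        if "human resources" in addr.display_name.lower() and addr.domain.lower() != INTERNAL_DOMAIN:
            findings.append(f"HR display name sent from external domain {addr.domain}")
    body = msg.get_body(preferencelist=("html",))
    collector = LinkCollector()
    collector.feed(body.get_content() if body else "")
    for href, text in collector.links:
        target = urlparse(href).hostname or ""
        if target in SHARED_HOSTS:  # legitimate host, so reputation filters pass it
            findings.append(f"link goes to shared content host {target}")
        shown = urlparse(text).hostname if text.lower().startswith("http") else None
        if shown and shown != target:  # what "hovering" would reveal
            findings.append(f"link text shows {shown} but target is {target}")
    return findings

# Constructed sample message (not a real captured email)
SAMPLE = """From: Human Resources <hr-notify@mailer.example.net>
Subject: Employee Enrollment Required
Content-Type: text/html; charset="utf-8"

<a href="https://sway.office.com/CONSTRUCTED-ID">https://hr.example.com/remote-form</a>"""
```

Calling `triage(SAMPLE)` returns four findings. A link to a shared content host alone is not proof of phishing, so treat it as one signal to combine with the others.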
