Document Signing Phishing Scam
Another day, another scam. And this is a sneaky one.
Cybercriminals are getting smarter. This recent malware threat is crafty. It impersonates a highly trusted brand name to get a foot in the door.
Targets receive a convincing-looking email that appears to come from a widely used e-signature platform.
Attached to the email is a blank image loaded with empty SVG files, carefully encoded inside an HTML file attachment (stay with us here).
In short, it’s very clever and tricks its way past a lot of security software.
Businesses like yours are at risk because code within the image sends people to malicious URLs.
Open the attachment, and you could unwittingly install malware onto your device – or even your network – which risks exposing your data and leaving you open to a ransomware attack.
Recently, there’s been a wave of HTML attachment attacks on small and medium-sized businesses, so it’s clear that companies need to take action to stay ahead of the criminals.
Double-check that emails are genuine before opening any attachments if you use software to sign documents electronically.
There’s a reason why criminals have chosen to impersonate a trusted name.
Taking things a step further, you could block all emails with this type of attachment to prevent employees from being exposed to scam emails in the first place.
Get in touch if you’d like further advice or help to implement extra security measures.
Published with permission from Your Tech Updates.