Spear phishing attack targets HR and payroll systems
Payday should be a pleasurable time of the month, but thanks to a new spear phishing campaign, some employees are losing their pay checks to cybercriminals.
Email defense specialist Vade Secure uncovered the attack in which criminals initiate an email conversation with HR staff to get them to change bank details for receiving direct payroll payments.
Early versions of these attacks used emails to employees requesting that they log in to the HR portal to either view a private email or view/make changes to their account. The links, of course, led to phishing sites where employees inadvertently disclosed their login credentials.
The clever bit about the latest attacks is that there are no links in the emails so they don't get picked up by automated filtering systems. The emails are cleverly targeted, too, focusing on topics that would be top of mind for employees and HR staff. The attacks in late 2018 and early 2019, for example, coincided with tax season so they would arouse less suspicion.
The attacks also led to other personal information, such as social security numbers, being disclosed which could be used for identity theft or other targeted attacks.
You can read more about the attack and see examples of the phishing emails along with tips on protecting your business on the Vade Secure blog.