Cybercriminals impersonate customer complaints as a way to grab your attention and trick you into opening malware.
Customer retention and satisfaction are vital to most organizations’ success. Knowing how important this is, cybercriminals send fake customer complaints in hopes of catching you off guard.
In a new phishing email, cybercriminals impersonate a member of your organization’s human resources or management team. The email addresses you by name, states “It is urgent request,” and tells you to call the sender immediately in regards to a customer complaint. Additionally, a PDF of the complaint appears to be linked within the email. If you click on the link, a webpage opens where you can download the customer complaint. Unfortunately, the file isn’t actually a PDF. Instead, it’s a dangerous piece of malware.
Here’s how you can stay safe from similar scams:
- Think before you click. Cybercriminals exploit emotions, such as the fear or guilt of upsetting a customer, to trick you into clicking on malicious links.
- Watch for poor grammar and unusual phrasing in emails, such as “It is urgent request.” Emails from legitimate sources are more likely to use correct and natural language, such as “This is urgent” or “This is an urgent request.”
- Never click a link in an email that you weren’t expecting. If you’re not sure, reach out to the sender by phone to confirm the legitimacy of the email.
Stop, Look, and Think. Don’t be fooled.
KnowBe4 is the world’s most popular integrated platform for awareness training combined with simulated phishing attacks. Let Keller Schroeder show you how KnowBe4 has helped thousands of organizations just like yours manage the continuing problem of social engineering. Contact us today to learn more.
DISCLAIMER : Any non-technical views expressed are not necessarily those of Keller Schroeder or its employee-owners.