Discover how cybercriminals are targeting Polish government officials in a sophisticated phishing scam by sending malicious files.
Cybercriminals like to manipulate people into acting on impulse because anyone can fall for this trick, even government officials. In this week’s scam, a Russian hacking group is targeting members of the Polish government with an enticing phishing email. The email contains a link that claims to provide information about a mysterious person who has been in contact with Polish government authorities.
If you click it, the link redirects you through multiple websites before reaching an archive of .zip files. This archive contains a malicious file that is disguised as a photograph. If you open the file, a distracting image is displayed while the malicious software secretly downloads onto your device. Once installed, the malware can collect your sensitive data and send it back to the hackers.
Follow these tips to avoid falling victim to similar scams:
- Avoid clicking on links in emails, especially if the email is not expected.
- Phishing emails may contain alarming or sensitive topics to try and trick you into clicking on a link. Always be mindful any time an email is encouraging you to take action.
- If an email seems suspicious, always follow your organization’s reporting policy. An email that is reported quickly can help to protect your organization from a larger phishing attack.
Stop, Look, and Think. Don’t be fooled.
KnowBe4 is the world’s most popular integrated platform for awareness training combined with simulated phishing attacks. Let Keller Schroeder show you how KnowBe4 has helped thousands of organizations just like yours manage the continuing problem of social engineering. Contact us today to learn more.
DISCLAIMER : Any non-technical views expressed are not necessarily those of Keller Schroeder or its employee-owners.