Discover tips to protect yourself from Business Email Compromise (BEC) scams during high-profile events like elections.
No one is immune to being targeted by phishing attacks. In this week’s scam, cybercriminals targeted candidates in a local election. During any election season, many candidates post information about themselves online or on social media sites. Scammers can use this information to craft targeted attacks on the candidates. In the specific attacks mentioned below, the scammers pretended to be another election candidate. This type of attack is known as Business Email Compromise (BEC).
In one of the attacks, the scammers emailed an election candidate. In the email, they impersonated someone else who was also running for election. The scammers explained that they needed the victim to purchase $500 in Apple gift cards and send them via email. When this didn’t work, the scammers later sent a separate email that appeared to come from DocuSign. This email contained an attachment that directed the victim to a fake login screen that prompted them to enter their user credentials in order to continue. If the victim had fallen for either of these scams, the scammers would have been able to steal both money and login credentials from the victim.
Follow these tips to avoid falling victim to a BEC scam:
- Be wary of any unsolicited emails or calls asking you to buy gift cards or transfer money, even if they appear to be from someone you know. Verify the request through another channel before acting.
- Be extra vigilant during high-profile events like elections when scammers may increase phishing attempts.
- Remember, the information that you post online is publicly available for anyone to see. Scammers can use this information to target you with more realistic phishing attacks.
Stop, Look, and Think. Don’t be fooled.
KnowBe4 is the world’s most popular integrated platform for awareness training combined with simulated phishing attacks. Let Keller Schroeder show you how KnowBe4 has helped thousands of organizations just like yours manage the continuing problem of social engineering. Contact us today to learn more.
DISCLAIMER : Any non-technical views expressed are not necessarily those of Keller Schroeder or its employee-owners.
