SCAM OF THE WEEK: When Cybercriminals Ask for a Manager
Customer retention and satisfaction are vital to most organizations’ success. Knowing how important this is, cybercriminals send fake customer complaints in hopes of catching you off guard.
In a new phishing email, cybercriminals impersonate a member of your organization’s human resources or management team. The email addresses you by name, states “It is urgent request,” and tells you to call the sender immediately in regards to a customer complaint. Additionally, a PDF of the complaint appears to be linked within the email. If you click on the link, a webpage opens where you can download the customer complaint. Unfortunately, the file isn't actually a PDF. Instead, it's a dangerous piece of malware.
Here’s how you can stay safe from similar scams:
- Think before you click. Cybercriminals exploit emotions, such as the fear or guilt of upsetting a customer, to trick you into clicking on malicious links.
- Watch for poor grammar and unusual phrasing in emails, such as “It is urgent request.” Emails from legitimate sources are more likely to use correct and natural language, such as "This is urgent" or "This is an urgent request."
- Never click a link in an email that you weren’t expecting. If you’re not sure, reach out to the sender by phone to confirm the legitimacy of the email.
Stop, Look, and Think. Don't be fooled.
The KnowBe4 Security Team