SCAM OF THE WEEK: FRIENDLY SPEAR PHISHING
Spear phishing is a phishing attack that targets a specific person and appears to come from a trusted source. One of the easiest ways for cybercriminals to find a target is through social media. Spear phishing attacks on social media often come from fake accounts, but in a recent scam, cybercriminals used real, compromised accounts. After hijacking an account, cybercriminals impersonated that person and targeted their friends and followers.
In this scam, cybercriminals use the hijacked account to engage in friendly conversations with you in an attempt to lower your guard. Since you don't know that the account has been hijacked, you are more likely to trust information that they send to you. Once they think they have your trust, the cybercriminals will send you a Microsoft Word document asking for you to review it and give them advice. Once you open the document, the program will ask you to enable macros. If you do enable macros, your system will automatically download and install a dangerous piece of malware.
Follow the steps below to stay safe from this scam.
- Think about how a conversation with this person typically looks and feels. Do they usually ask you to download files? Are they typing with the same pace, grammar, and language as usual? Be suspicious of anything out of the ordinary.
- Before you enable macros for a file, contact the sender by phone call or text message. Verify who created the file, what information the file contains, and why enabling macros is necessary.
- Remember that cybercriminals can use more than just links within emails to phish for your information. Always think before you click!
The KnowBe4 Security Team