Most commonly used in phishing attacks…
In this article, we’ll explore trends in documents used in phishing attacks. The purpose of such
an attack is to get your login credentials (login + password) to online services. To make it more credible,
attackers use websites that imitate well-known services, including those that rely on password
authentication through a third-party service (such as Google, Apple, or Facebook).
Here is a list of the most popular types of bait used in phishing attacks:
- “Account Verification” – an email imitating a well-known service, asking you to confirm/change
your login credentials. Always change such data directly on the service provider’s website.
- A “shared document” – a document that someone has shared with you, but access to the content
requires you to log in with your details. Always check who is sharing files with you and what
kind of files they are.
- “Original DocuSign” – an email that smuggles malware as an attachment. Remember, a service
like DocuSign doesn’t ask you to download and open an attachment.
- “Fake invoice” – always enter the names of payment portals directly into your browser, without
using the links provided in the emails (unless you are sure of the legitimacy of the message).
Also, double-verify the account numbers provided.
- “Order Confirmation/Changes” – a message requiring you to log in to the portal of one of the
popular courier companies. Again, verify the information directly on the service provider’s website.
- “Tax documents” – since death and taxes are both certain, and taxes are the easier of the two
to impersonate. Especially in a period of changes such as the National System of e-Invoices.
When you receive a message in one of the above categories, even when you’re expecting it, it’s a good
idea to be careful. You can use knowledge of these categories, or at least of the red flags associated
with them, as part of training to raise awareness of cyber threats among your company’s employees.