This content is viewable by Everyone

May 2023: Phishing Kit Uses Finance-Themed Lures

Threat Alert: What to Watch For

  • Cybercriminals are increasingly using phishing-as-a-service kits to build and distribute lookalike Microsoft Office 365 landing pages via phishing lures. 
  • The phishing lures can be customized to have a variety of different appearances or themes. However, recent lures have often used finance-related themes, with email subject lines like “… Mortgage: Initial CD/Wiring Instructions of 3002647937 [CTC]” or “PAYOFF STATEMENT FROM”.
  • The phishing lures contain either HTML attachments or malicious lures that, when clicked, lead to lookalike Office 365 login pages. These landing pages can contain company logos to impersonate company-specific login portals.  

Key Action: Report Suspicious Emails

  • Report ANY suspicious emails using the Phish Alarm button in your email menu bar. 
  • Remember: Our organization occasionally sends phishing simulations that are used to evaluate the potential impact of a real phishing attack. Report any emails that match the tactics described above. 
  • If a reported message is a simulation, you will see a notification alerting you to that. No further action is needed on your part. 
  • If a reported message was not a simulation, and you are concerned about a time-sensitive request, you must take additional steps to verify the email is valid before acting on it. 

Tips to Remember (at Work and at Home)

  • Go beyond surface clues. Familiar logos, branding, and names are not automatic indicators that an email or website is safe. Cybercriminals often imitate well-known organizations.  
  • Verify the legitimacy of any unsolicited/unexpected email before you interact with it, especially if it directs you to click on a link or asks you to provide credentials. It can be tempting to click on a “call-to-action.” But if you notice a subtle change or inconsistency within a message claiming to be from HR or another internal department, don’t ignore it—report it.
  • Be cautious of clicking on URLs or opening attachments, particularly in unsolicited emails or if they seem out of character for a known sender. Instead, always navigate to a website directly through a known URL or a trusted bookmark. Be sure to verify unexpected attachments with the sender via a known, alternate means of communication — like a phone call to a trusted number.    

 

Phish Kit