Threat Alert: PHISHING ATTACKS Use Rent Payment Lure for BEC

• A series of phishing attacks are targeting recipients in France using missed rent payment lures for business email compromise (BEC).
• The lures are benign and do not contain malicious attachments or links. Instead, they direct the recipient to either respond with a payment receipt or reply to the email to receive new payment account information.
• The lures also claimed the rental agency had new banking information and sent it via a PDF attachment in the initial or follow-up email.
• These attacks are likely intended to trick recipients into sending payment to attacker- controlled accounts.

Key Action: Report Suspicious Emails 

• Follow proper payment processes until verified. Don’t take emails saying you missed a payment or that payment details have changed at face value. Always confirm any changes with the organization via a secondary, trusted form of communication.
• Remember cybercriminals take advantage of strong emotions. Messages related to missed rent payments can be extremely stressful. Keep in mind cybercriminals seek to capitalize on moments of anxiety and the difficulty in thinking clearly in such situations.
• Report ANY suspicious emails using the Phish Alarm button.