Cybercriminals know that, because of the current situation, an increased number of people are working from home and via email, and they have adapted a few scams to take advantage of that.
ESET Ireland has identified a few more email scams aimed at office or home-office workers, taking advantage of an increased reliance on email and office software for conducting daily business.
The first email scam can quickly catch unaware home-office users off guard, as decreased personal interaction results in increased automation and “task” scheduling via various apps. The email looks like a notification from Microsoft saying “You’ve been assigned a new task!” and comes with all the corresponding visuals, while the content of the email says “September Tasks” and offers a link, “Open in Microsoft Planner”.
Clicking on that link takes the victim to a fake Microsoft account login page. Credentials entered there could enable the scammers to log in and gain access to everything, including personal files, that the user might have associated with or stored in their Microsoft account.
The other scam pretends to come from Salesforce, a known customer management software used by many companies, and claims they’re “deactivating non-active users” (Not even just accounts, but users themselves, yikes!), telling the victims to click on a link to confirm their email address and prevent “deactivation”.
This in turn leads to a phishing website that harvests users’ login details.
While the email is rather low-effort and uses poor grammar, it could still fool someone who depends on daily use of the software into quickly heading over to “confirm” their details, thus enabling scammers to access and abuse their user account.
Neither scam is particularly elaborate or unexpected, but due to the widespread use of the software they refer to, and the way many people respond automatically without pausing to think about the possibility of scams, they may still achieve wide reach and many clicks.
ESET Ireland advises all users to pay particular attention and exercise extreme caution with any emails that require them to click on links and fill in login details. If you encounter such emails, don’t click on anything within them and do not reply to them; just delete them and warn your colleagues.
by Urban Schrott and Ciaran McHale, ESET We Live Security