HR Impersonation: The New Phishing Scam Targeting Secure Environments
Cyberattacks are becoming increasingly sophisticated, and one of the latest trends shows how attackers are disguising themselves as HR departments of large companies. A recent example of a phishing attack, analyzed by Cofense specialists, was detected in secure environments such as Google, Outlook 365, and Proofpoint, where fraudsters were sending fake emails on behalf of human resources departments.
The messages appear highly convincing. The subject line often references something important and attention-grabbing, such as “Important: Revised Employee Handbook.” Inside the email, a formal business tone typical of official corporate communications is used, stressing the urgency of reviewing the new requirements.
The primary goal of the phishing attack is to prompt the user to click a link and enter their credentials on a counterfeit login page. The email exploits the authority of the HR department and creates a sense of urgency, so the victim doesn’t question the authenticity of the message.
The attackers also employ psychological tactics, instilling fear in employees about failing to comply with corporate policies. The email directs the recipient to a link that leads to a fake site mimicking a document storage platform.
Once the user clicks the link, they are redirected to a page supposedly belonging to Microsoft. Here, they are presented with a form to enter corporate login credentials. After filling out the form, the user is shown an error message before being redirected to the actual Microsoft site. This gives the victim the illusion of a minor issue, leaving them unaware that their credentials have already been compromised.
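As an added illustration of what a mail-triage rule can screen for (example code, not from the article or the Cofense analysis), the Python check below scores a raw message on the three tells described above: an HR display name sent from an outside domain, urgency wording in the subject, and link text naming Microsoft while the link itself points elsewhere. The sample message, the `corp.example` trusted domain and the keyword lists are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Constructed sample modelled on the lure described above; not a real capture.
SAMPLE_PHISH = """From: "Human Resources" <hr-notices@hr-update-portal.example>
Subject: Important: Revised Employee Handbook
Content-Type: text/html

<p>All staff must review the updated handbook today.</p>
<a href="https://docs-share-login.example/view?id=7">Open on Microsoft SharePoint</a>
"""

TRUSTED_DOMAIN = "corp.example"  # assumption: the organisation's own mail domain
ROLE_RE = re.compile(r"\b(hr|human resources|people team)\b", re.I)
URGENCY_WORDS = ("important", "urgent", "immediately", "today", "policy", "handbook")
BRAND_WORDS = ("microsoft", "sharepoint", "onedrive")
BRAND_DOMAINS = ("microsoft.com", "sharepoint.com", "onedrive.com", "live.com")
LINK_RE = re.compile(r'<a\s[^>]*href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)

def _sender_domain(addr: str) -> str:
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""

def _is_brand_host(host: str) -> bool:  # exact or proper subdomain match only
    return any(host == d or host.endswith("." + d) for d in BRAND_DOMAINS)

def _parse(raw: str):
    """Parse one RFC 822 message; return (message object, decoded body text)."""
    msg = message_from_string(raw)
    payload = msg.get_payload(decode=True)
    return msg, (payload.decode(errors="replace") if payload else "")

def score_hr_impersonation(raw: str) -> dict:
    """One point each: HR display name from an outside domain, urgency wording in
    the subject, a brand named in link text while the href host is outside it."""
    msg, body = _parse(raw)
    name, addr = parseaddr(msg.get("From", ""))
    reasons = []
    if ROLE_RE.search(name) and _sender_domain(addr) != TRUSTED_DOMAIN:
        reasons.append("display_name_spoof")
    subject = msg.get("Subject", "").lower()
    if any(w in subject for w in URGENCY_WORDS):
        reasons.append("urgency_subject")
    for href, text in LINK_RE.findall(body):
        host = (urlparse(href).hostname or "").lower()
        if any(b in text.lower() for b in BRAND_WORDS) and not _is_brand_host(host):
            reasons.append("brand_link_mismatch")
            break
    return {"score": len(reasons), "reasons": reasons}
```

A score of 2 or more on an inbound message is a reasonable threshold to route it to quarantine or analyst review rather than the inbox.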
This phishing example illustrates how attackers exploit trust and urgency to steal account credentials: the victim is passed from one site to another, and the final redirect to the genuine Microsoft site relies on their inattentiveness to hide the theft.
To counter such threats, comprehensive security measures must be implemented, including employee training and the use of advanced cybersecurity solutions. Organizations need to bolster their defenses against phishing attacks, combining technology with the vigilance of employees, who serve as the first line of defense.