In late 2024 and early 2025, scammers increasingly began to disguise phishing as employer services: more and more employees received fake letters asking them to verify a corporate service or change their password. This was told to Izvestia by information security specialists.
Author:
https://rb.ru/author/lipchanskaya-anastasiya/
Subscribe to RB.RU on Telegram
“We are contacting you to inform you that due to recent changes to the company’s access system, you must go through an authorization procedure to verify access to resources,” Izvestia gives an example of a fake letter from an employer.
Next, the scammers ask you to follow a phishing link, enter your username and password, select the desired resource, and supposedly make sure it is working correctly. They also highlight the importance of completing this procedure promptly, presenting themselves as a “technical support team.”
On the topic: How to protect your business from telephone scammers
In the past two months, companies in the financial sector, retail, logistics, manufacturing and telecommunications have been targeted by similar attacks, Alexander Dmitriev, general director of information security company Neuroinform, told Izvestia. In December, 18 of the firm’s clients received these types of letters, and from January 1 to 20, another 12, he added.
According to Neuroinform estimates, 60% of a company’s employees click on phishing links after receiving a letter from “technical support” asking them to check the corporate service, and 45% of those who click enter their data.
Attackers use employees’ sense of responsibility and their desire to work efficiently to manipulate. Most employees perceive these letters as mandatory instructions. Sometimes attackers even threaten consequences, including losing bonuses for ignoring messages, cybersecurity experts warned.
The head of the Garda group’s information security department, Viktor Ievlev, added that the most common attacks are phishing and emails with malicious attachments. Experts urged companies not to neglect comprehensive protective measures, as well as to regularly train employees and conduct tests.
Previously, in January, Sberbank revealed the work of an online university that was training fraudsters, including hackers, to attack Russian companies. According to Stanislav Kuznetsov, deputy chairman of the bank’s board of directors, the university operated on the dark web and regularly recruited new students. 10 thousand people managed to complete the training.
Author:
Anastasia Lipchanskaya
Source: RB
I am a professional journalist and content creator with extensive experience writing for news websites. I currently work as an author at Gadget Onus, where I specialize in covering hot news topics. My written pieces have been published on some of the biggest media outlets around the world, including The Guardian and BBC News.
