Skip to main content

Scam of the Week - Exploiting the Coronavirus: Phony Form from HR

Posted on Wednesday, December 16, 2020 in Privacy & Security

For many months, organizations across the globe have been working remotely due to the coronavirus pandemic. In a new phishing attack, the bad guys target your feelings of stress or excitement about returning to the office. 

The phishing email resembles something that your human resources department might send about returning to the office. Attached to the email is an HTML file that includes your name in the file name. If you download and open this attachment, you’ll be taken to a file that is hosted on the file-sharing site, Microsoft SharePoint. According to the document, you must acknowledge the return to office policy by providing your username and password. If you enter your credentials here, the information will be sent directly to the bad guys and they’ll have the same access to your organization as you do.

Don’t fall for this trick! Remember these tips:

  • This attack tries to exploit the uncertainty of going back to work in the office. Don’t let the bad guys toy with your emotions. Think before you click!
  • Never impulsively click on a link or download an attachment that you weren’t expecting, even if it appears to be from your own organization.
  • When in doubt, reach out to the sender by phone to confirm the legitimacy of the email before clicking a link or downloading an attachment.

Stop, Look, and Think. Don't be fooled.
The KnowBe4 Security Team

Back to Top