image credit: Pexels

‘Return to Office’ Phishing Emails Aim to Steal Credentials

November 30, 2020

Researchers at Abnormal Security have uncovered a credential-stealing phishing campaign that spoofs internal company memos concerning returning to the office.

The ongoing campaign is believed to have targeted about 100,000 inboxes, bypassing Google G Suite email security, the researchers say.

The fraudsters are using email messages and landing pages that attempt to impersonate the company’s internal messaging system and HR department. The emails focus on status updates regarding whether employees can plan to return to working in their employer’s offices, reflecting the updates companies have been sending out following the outbreak of COVID-19, according to the Abnormal Security report.

Read More on DataBreach Today