Weekly Tip! Clone Phishing Scams
Organizations often use email to send important information to their customers. If an organization sends out an email that’s missing information, they may send you a follow-up email. Now, cybercriminals are using a technique called “clone phishing” to imitate these follow-up emails and manipulate you.
To start the scam, cybercriminals hijack an email account from a legitimate organization. They use the hijacked account to find an email that was previously sent to you and clone it. To make the clone email look like a typical follow-up email, the cybercriminals add text that claims the original email was missing an attachment with urgent information. If you download the attachment in the clone email, you won’t receive important details about the original message. Instead, you’ll download malware that allows cybercriminals to steal your sensitive information.
Follow the tips below to stay safe from clone phishing scams:
To start the scam, cybercriminals hijack an email account from a legitimate organization. They use the hijacked account to find an email that was previously sent to you and clone it. To make the clone email look like a typical follow-up email, the cybercriminals add text that claims the original email was missing an attachment with urgent information. If you download the attachment in the clone email, you won’t receive important details about the original message. Instead, you’ll download malware that allows cybercriminals to steal your sensitive information.
Follow the tips below to stay safe from clone phishing scams:
- Don’t trust that an email is legitimate just because it was sent through a trusted email address. Cybercriminals can use stolen email addresses to make their scams more believable.
- Watch out for a sense of urgency in messages that you receive. Phishing attacks rely on impulsive actions, so always think before you click.
- Never click a link or download an attachment in a message that you aren’t expecting.
The KnowBe4 Security Team
KnowBe4.com
KnowBe4.com
Related Articles
Weekly Tip! Google Translate Phishing Scams
Google Translate is a free service that you can use to translate text from one language to another. Since Google Translate is a Google product, many people view it as a sign that a webpage is trustworthy. Now, cybercriminals are spoofing Google ...Weekly Tip! Blank Image Phishing Scams
Most email providers have security filters that check emails for malicious links or attachments. You may feel like you can rely on these filters and, as a result, trust that emails sent to your inbox are safe. Unfortunately, cybercriminals can take ...Weekly Tip! Healthcare Reimbursement Phishing Scams
When you request a reimbursement from your healthcare provider, it may be completed through a third-party payment processor. These payment processors often offer direct deposit payments so you can get reimbursed as soon as possible. Unfortunately, ...Weekly Tip! Homoglyph and Unicode Phishing Scams
You may be wondering what homoglyphs and Unicodes are. Homoglyphs are letters or characters that look similar. For example, the character “e” looks similar to the character “ė”. Unicode is a unique code assigned to characters so that any platform or ...Weekly Tip! Watch Out for Bank Phishing Scams
Many people see email as a convenient and effective way to receive information. Popular banks have even started using email as a primary method of communication to send account updates to their customers. Now, cybercriminals are imitating banks in ...