Cybersecurity researchers have warned of an increase in phishing emails targeting employees' corporate login credentials.
Cofense experts have detected an increase in phishing emails in which threat actors impersonate their victims' HR department. In the email, the attackers warn of an upcoming major plan update or an increase in 401k contributions.
A 401k is an employer-sponsored retirement savings plan in the United States. Employees typically contribute directly from their paycheck, and many employers match part of that contribution.
Fake 401k Alerts
In the phishing email, attackers share a link to a fake login page designed to steal the victim's credentials. In some cases the email carries no link at all, so that it does not trigger email security solutions that inspect URLs and would otherwise filter it to the spam folder. Instead, the attackers embed a QR code: because the code is just an image, most email security solutions do not decode it and do not treat it as potentially malicious.
Additionally, the victim is told to scan the code with a smartphone, which moves the click onto a personal device that is usually outside corporate web filtering and rarely has adequate anti-phishing protection of its own.
While phishing emails about 401k plans are popular, they are not the only issue, Cofense researchers added. Other email topics include open enrollment, surveys, and salary restructuring communications.
Open enrollment allows employees to enroll in health insurance or retirement plans and is often a hot topic toward the end of the calendar year.
Employees take these messages very seriously, as failure to enroll by the deadline could mean losing eligibility for some benefits until the next round of enrollment.
As usual, the best defence is to slow down and check. Look at the actual sender address and domain, not just the display name, and at any Reply-To that points somewhere else; watch for spelling, grammar or language discrepancies; inspect links (hover or long-press to see the real destination) and attachments, including QR codes; and be suspicious of messages that are “urgent” or too good to be true. When in doubt, open the benefits portal from a bookmark or the intranet rather than from the message, and report the email to the security team.
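The checks described above, and the QR-code evasion described under "Fake 401k Alerts", can be turned into a simple triage rule for a mail gateway or SOC script. The following is an added example, not code from Cofense or BleepingComputer; it assumes a hypothetical organisation domain `example.com`, and the two messages it parses are constructed for illustration. It flags lookalike sender domains, Reply-To mismatches, urgency wording, external links, and the telltale combination of a benefits lure with an embedded image but no clickable link, which is what a QR-code phish looks like to a filter that only scans URLs.

```python
import email
import re
from email import policy

# Assumption for this example: the organisation's genuine mail domain.
ORG_DOMAIN = "example.com"

# Lure themes named in the article, plus urgency phrasing typical of them.
LURE_TERMS = ("401k", "401(k)", "open enrollment", "benefits", "salary", "survey", "plan update")
URGENCY_TERMS = ("deadline", "immediately", "urgent", "action required", "by end of day")

URL_RE = re.compile(r"https?://([^/\s<>\"']+)", re.IGNORECASE)
# Character swaps commonly used in lookalike domains, folded before comparing.
CONFUSABLES = str.maketrans({"0": "o", "1": "l", "|": "l", "5": "s", "3": "e"})


def normalise(label):
    return label.lower().translate(CONFUSABLES).replace("rn", "m").replace("vv", "w")


def levenshtein(a, b):
    """Plain edit distance; sufficient for comparing single domain labels."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def domain_of(header):
    """Domain part of an address header such as 'HR <hr@example.com>'."""
    m = re.search(r"@([A-Za-z0-9.-]+)", header or "")
    return m.group(1).lower() if m else ""


def is_internal(domain):
    return domain == ORG_DOMAIN or domain.endswith("." + ORG_DOMAIN)


def is_lookalike(domain, target=ORG_DOMAIN):
    """First label equal to, containing, or one edit from the target after folding confusables."""
    if not domain or is_internal(domain):
        return False
    first, tfirst = normalise(domain.split(".")[0]), normalise(target.split(".")[0])
    return tfirst in first or levenshtein(first, tfirst) <= 1


def triage(raw):
    """Return a list of finding tags for one RFC 5322 message given as text."""
    msg = email.message_from_string(raw, policy=policy.default)
    from_dom, reply_dom = domain_of(msg["From"]), domain_of(msg["Reply-To"])
    text, has_image = "", False
    for part in msg.walk():
        ctype = part.get_content_type()
        if ctype.startswith("image/"):
            has_image = True
        elif ctype in ("text/plain", "text/html"):
            text += part.get_content()
    blob = f"{msg['Subject'] or ''} {text}".lower()
    lure = any(t in blob for t in LURE_TERMS)
    findings = []
    if lure and is_lookalike(from_dom):
        findings.append("lookalike-sender")
    elif lure and not is_internal(from_dom):
        findings.append("external-sender")
    if reply_dom and reply_dom != from_dom:
        findings.append("reply-to-mismatch")
    if any(t in blob for t in URGENCY_TERMS):
        findings.append("urgency-language")
    hosts = [h.lower() for h in URL_RE.findall(text)]
    if any(not is_internal(h) for h in hosts):
        findings.append("external-link")
    # Benefits lure, an embedded image, and nothing to click: the QR-code pattern.
    if lure and not hosts and has_image:
        findings.append("image-lure-no-link")
    return findings


# Constructed sample: lookalike domain, external Reply-To, QR image instead of a link.
PHISH = """\
From: HR Benefits <hr@examp1e.com>
Reply-To: benefits-desk@mail-relay.example.net
To: alice@example.com
Subject: Action required: 401k contribution update
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain; charset="utf-8"

Our 401k plan is being updated. Scan the attached QR code with your phone
before the deadline to confirm your new contribution rate.

--b1
Content-Type: image/png; name="qr.png"
Content-Transfer-Encoding: base64

iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVR42mNkYPhfDwAChwGA60e6kgAAAABJRU5ErkJggg==
--b1--
"""

# Constructed sample: genuine internal sender linking to an internal portal.
LEGIT = """\
From: HR Benefits <hr@example.com>
To: alice@example.com
Subject: Open enrollment starts November 1
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"

Open enrollment runs for two weeks from November 1. Review your options
at https://benefits.example.com/enroll from the intranet.
"""

if __name__ == "__main__":
    print("phish:", triage(PHISH))
    print("legit:", triage(LEGIT))
```

The image check only says that a lure arrived with a picture and no link; decoding the QR payload and checking where it points needs an image decoder in the pipeline, which is exactly the step most gateways skip. The lookalike test is deliberately cheap (confusable folding plus an edit distance of one on the first label) and should be backed by an allow-list of the organisation's real sending domains in production.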
Via BleepingComputer