Fired or Phished? FBI Issues Warning

I support our US intelligence agencies, and I don’t want to have to tell them “I told you so,” but we are going to, anyways…

We’ve been warning our readers for months now to watch out for scammers taking advantage of the pandemic and employees working from home. Well, the FBI issued a warning yesterday, to watch out for hackers exploiting remote workers via false termination phishing emails and virtual meeting invites.

Overview

As we know, more people than ever are working from home in the midst of the Covid-19 pandemic. As such, a new scheme has hatched in which in email is sent to a worker, telling them they have been fired. In the uncertainty surrounding these times, a subject line stating “Termination Review Meeting” would definitely by disconcerting enough to make employees click on the email.

The body of the email says that the company is “downsizing” due to the virus, and provides a “hotlink” for the employee to click on.

Now, all my readers will know, of course, that this is sketchy, but those who haven’t had phishing training might just be anxious enough to follow the link. Those who have clicked on this link advise that they are then welcomed with a blank screen.

Another scheme involves the hackers inviting their intended victim to join a VTC meeting to discuss the “termination,” with “Join this Live Meeting” text that is hyperlinked to a site that is actually compromised.

As always, please keep in mind that these hackers do not have any shame and won’t think twice about exploiting the “opportunities” this pandemic has granted them.

FBI Recommendations

The FBI recommends that the following measures be taken to fight this phishing scheme:

• Alert employees to look for emails coming from Human Resources or management with
• spoofed email domains.
• Select trusted and reputable telework software vendors; conduct additional due diligence
• when selecting foreign-sourced vendors.?
• Require use of password or PIN for any teleconference or web meetings.
• Beware of social engineering tactics aimed at revealing sensitive information. Use tools
• that block suspected phishing emails or that allow users to report and quarantine them.
• Beware advertisements or emails purporting to be from telework software vendors.
• Always verify the web address of legitimate websites or manually type them into the
• browser.
• Do not share links to remote meetings, conference calls, or virtual classrooms on open
• websites or open social media profiles.
• Avoid opening attachments or click links within emails from senders you don’t
• recognize.
• Only enable remote desktop access functions like Remote Desktop Protocol (RDP) or Virtual
• Network Computing (VNC) when absolutely necessary.

While this is excellent advice that we have told you about already, it’s great to hear it from another source. If you have any other questions, please feel free to contact us at 919-422-2607, or schedule an appointment free, online. We also urge you to download our free Remote Security Checklist for extra added layers of protection in your home office. If you see any emails like the above? Please don’t click on the links!