Organizations often use email to send important information to their customers. If an organization sends out an email that’s missing information, they may send you a follow-up email. Now, cybercriminals are using a technique called “clone phishing” to imitate these follow-up emails and manipulate you.
To start the scam, cybercriminals hijack an email account from a legitimate organization. They use the hijacked account to find an email that was previously sent to you and clone it. To make the clone email look like a typical follow-up email, the cybercriminals add text that claims the original email was missing an attachment with urgent information. If you download the attachment in the clone email, you won’t receive important details about the original message. Instead, you’ll download malware that allows cybercriminals to steal your sensitive information.
Follow the tips below to stay safe from clone phishing scams:
Stop, Look, and Think. Don’t be fooled.
KnowBe4 is the world’s most popular integrated platform for awareness training combined with simulated phishing attacks. Let Keller Schroeder show you how KnowBe4 has helped thousands of organizations just like yours manage the continuing problem of social engineering. Contact us today to learn more.
DISCLAIMER : Any non-technical views expressed are not necessarily those of Keller Schroeder or its employee-owners.