What are job termination scams?
Job termination scams are a type of phishing attack in which cybercriminals send fake emails that appear to come from a company's HR department, informing employees that they have been terminated.
How do these scams operate?
The scams use deceptive emails to trick employees into taking actions that compromise their personal and company security.
Here is a detailed breakdown of how these scams operate:
Initial Contact: Employees receive an email that appears to be from their HR department or another authoritative source. The email's subject line typically indicates termination or dismissal.
Deceptive Content: The email is crafted to look legitimate, often using the company’s logo and branding to reduce suspicion. The content is designed to invoke an immediate, emotional response, leveraging the shock and anxiety associated with job loss to make the recipient act impulsively.
Malicious Attachments: The email includes an attachment, such as a PDF or Word document, or a link to a supposed termination notice or severance package details. The attachment carries malicious code (for example a macro-enabled document), or the link leads to a site that delivers malware or a fake login page that harvests the employee's credentials.
Malware Installation and Execution: Once the attachment is opened or the link is clicked, malware is installed on the employee's device; in practice it is usually the employee enabling the document's macros or running a downloaded installer that triggers the infection. The malware steals login credentials, which cybercriminals use to gain unauthorized access to the company's network and sensitive data.
Exploitation of Stolen Credentials: With stolen credentials, attackers can hijack email or other accounts to access sensitive corporate data and networks for theft and extortion. If the employee reuses the same password across multiple accounts, the attackers may also try those credentials against other services (credential stuffing) to take over those accounts as well.
How do we recognize such scams?
Urgent language designed to create a sense of panic and prompt immediate action without careful consideration.
Suspicious attachments or links, especially if they come from unfamiliar sources or are related to sensitive topics like termination. Hovering over links may reveal that the address shown does not match the real target, or subtle misspellings or unusual characters in the URL.
Sender or Reply-To addresses that use a domain similar to, but not identical to, the company's official domain.
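The three signs above can be turned into automated checks. The following Python script is an added example, not code from the original post: it parses a constructed .eml message, flags urgency wording in the subject and body, compares each link's visible text with the host it really points to, and tests the From and Reply-To domains for lookalikes of the company domain. The company domain `example-corp.com`, the urgency phrase list, and the sample message are assumptions chosen for illustration.

```python
"""Triage heuristics for a suspected HR termination phish. Added example, not code
from the original post; COMPANY_DOMAIN, URGENCY_TERMS and SAMPLE_EML are assumptions."""
import email.utils
import re
from email import message_from_string, policy
from html.parser import HTMLParser
from urllib.parse import urlparse
COMPANY_DOMAIN = "example-corp.com"  # assumed legitimate company domain
URGENCY_TERMS = ("immediately", "within 24 hours", "final notice",  # assumed phrase list
                 "terminated", "effective today", "urgent")
# Constructed sample message, not a real email.
SAMPLE_EML = """\
From: HR Department <hr@example-c0rp.com>
Reply-To: hr-notices@example-corp-hr.net
To: jane.doe@example-corp.com
Subject: Notice of Termination - Action Required Immediately
Content-Type: text/html; charset="utf-8"

<html><body>
<p>Your employment is terminated effective today. You must review your
severance package within 24 hours or forfeit it.</p>
<p><a href="http://example-corp.com.severance-portal.xyz/login">https://hr.example-corp.com/severance</a></p>
<p><a href="https://hr.example-corp.com/benefits">Benefits portal</a></p>
</body></html>
"""

class _LinkExtractor(HTMLParser):
    # Collects (href, visible text) pairs from an HTML body.
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def edit_distance(a, b):
    """Levenshtein distance; catches one-character swaps such as c0rp for corp."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def is_company_domain(domain):
    d = domain.lower().rstrip(".")
    return d == COMPANY_DOMAIN or d.endswith("." + COMPANY_DOMAIN)

def is_lookalike(domain):
    """True for a domain that imitates COMPANY_DOMAIN without being it: the company name
    buried inside another domain, or a near-miss spelling of the last two labels."""
    d = domain.lower().rstrip(".")
    if is_company_domain(d):
        return False
    if d.startswith(COMPANY_DOMAIN + ".") or ("." + COMPANY_DOMAIN + ".") in d:
        return True
    return edit_distance(".".join(d.split(".")[-2:]), COMPANY_DOMAIN) <= 2

def host_of(url):
    # Hostname of a URL, or of URL-looking link text such as www.example.com/x.
    return (urlparse(url if "://" in url else "http://" + url).hostname or "").lower()

def triage(raw_eml):
    msg = message_from_string(raw_eml, policy=policy.default)
    out = {"sender": [], "urgency": [], "links": []}
    # Sign 3: From / Reply-To domains that resemble, but are not, the company's.
    for header in ("From", "Reply-To"):
        if msg[header]:
            dom = email.utils.parseaddr(str(msg[header]))[1].rsplit("@", 1)[-1].lower()
            if is_lookalike(dom):
                out["sender"].append(f"{header}: {dom} imitates {COMPANY_DOMAIN}")
            elif not is_company_domain(dom):
                out["sender"].append(f"{header}: external domain {dom}")
    # Sign 1: urgency wording anywhere in the subject or body text.
    body = msg.get_body(preferencelist=("html", "plain"))
    html = body.get_content() if body is not None else ""
    text = (str(msg["Subject"] or "") + " " + re.sub(r"<[^>]+>", " ", html)).lower()
    out["urgency"] = [t for t in URGENCY_TERMS if t in text]
    # Sign 2: link text naming one host while the href goes to another, or a lookalike href.
    extractor = _LinkExtractor()
    extractor.feed(html)
    for href, visible in extractor.links:
        target = host_of(href)
        if re.match(r"(https?://|www\.)", visible, re.I) and host_of(visible) != target:
            out["links"].append(f"text shows {host_of(visible)} but goes to {target}")
        elif is_lookalike(target):
            out["links"].append(f"target {target} imitates {COMPANY_DOMAIN}")
    out["verdict"] = "suspicious" if out["sender"] or out["links"] else "no obvious signs"
    return out

if __name__ == "__main__":
    print(triage(SAMPLE_EML))
```

Run it as a script to see the findings for the sample message, or import `triage` and pass it the text of a saved .eml. The lookalike test treats the last two labels as the registrable domain and tolerates up to two edits, which is enough to catch `c0rp` for `corp` but will also flag an unrelated domain that happens to be close; treat its output as a triage signal for a human to review, not as a verdict.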
What measures can we take to stop them?
Employee Education and Training (so that staff know these scams exist and how to spot the signs above)
Clear Communication Channels and Policies (so that everyone knows how HR actually delivers news like this, and anything that deviates from it stands out)
Vigilance (checking the sender's address and where links really go before acting)
The above do work at times!
The Case for Offline Communication
Cultivating a culture of trust in which sensitive communications, such as terminations, are handled through offline methods like in-person meetings or phone calls can significantly reduce the risk of employees falling victim to such HR phishing scams.
We think offline methods for sensitive communication are very effective and secure because they:
Reduce such phishing risks
Prevent panic
Build trust
Maybe we are old school and biased! What do you all think?