Skip to content

SCAM OF THE WEEK: Don’t Get Fooled by Spear Phishing

In this week’s scam, cybercriminals are trying to scam you by sending you text messages from an unknown number claiming to be from your boss. 


Closeup portrait of shocked man feeling head, surprised he is losing hair, receding hairline or seeing bad news on cellphone, isolated on white background. Negative facial expressions, emotion feeling

The texts contain a lot of detailed information about your workplace, making them seem legitimate. They seem legitimate because the scammers research your organization and manager before texting you. They use the information they find in their research to try and trick you into believing that you are actually speaking with your manager. This scam is a type of personalized phishing attack known as spear phishing.

The scammers send casual messages about your organization to put you at ease before moving to what they really want—money. They tell you that they have a business expense that they urgently need to pay for. Then, they ask you to send them money using a cryptocurrency such as Bitcoin. If you send it to them, the money will go directly to the cybercriminals. You may then need to speak to your real manager to explain what happened!
 
Follow these tips to avoid falling victim to a spear phishing scam:

  • Be skeptical if you receive a message from an unknown number, especially if you are being asked to act urgently.  
  • Any unexpected financial request should be treated very cautiously. It is highly unlikely that your actual manager would ask for you to send them money using cryptocurrency.
  • If you receive an unusual message, follow your organization’s reporting policy. Others in your organization may be receiving similar messages. By reporting the message quickly, you can help prevent other attacks from being successful.

Content provided by KnowBe4