The case, which was publicized by Check Point Research as an educational tool, offers a fascinating glimpse behind the scenes of a digital crime ring.

The trick
Like all phishing attacks, this one began with fraudulent email templates. In this case, the messages mimicked Xerox scan notifications and included a target company employee’s name or title in the subject line. The bogus emails were sent through accounts that had been previously compromised so they would appear to be from legitimate sources. This is why you’re often warned that phishing attacks may appear to come from your boss—or your mom.

The crime
The attackers attached an HTML file containing code that secretly started searching for user names and passwords and sending them back to the criminals. 

The key here is that in order for all this to take place, email recipients had to fall for the phishing message and click the HTML file. That’s the error that silently opened the door to these cybercriminals. 

What you can do

• Be more cautious than curious when you get emails with links
• Out of the ordinary requests from trusted sources should be treated cautiously
• Don’t feel silly about checking with IT if you’re unsure. These types of schemes are rampant and convincing

© National Security Institute, Inc.