Security News > 2020 > June > Office 365 Users Targeted By ‘Coronavirus Employee Training’ Phish
Researchers are warning of a new phishing attack that purports to send coronavirus training resources to employees who are returning to the workplace, as COVID-19 lockdowns lift.
The recent phishing campaign leverages novel training programs that are required for employees in the workplace to comply with coronavirus regulations.
The campaign, targeting Office 365 users, sends an email that includes a link to register to the training: "COVID-19 Training for Employees: A Certificate for Health Workplaces."
Instead of a legitimate sign-up page it instead directs users to a malicious link, where they are asked to input their credentials, according to a new report from Check Point Research.
In terms of mitigation, Check Point continues to promote both email security protections and increased employee awareness to threats as they evolve as solutions for organizations to combat these new campaigns-the same general advice they've shared throughout the wave of new threats observed during the COVID-19 pandemic.
News URL
https://threatpost.com/office-365-users-targeted-by-coronavirus-employee-training-phish/156899/