Security News > 2021 > May > Hackers Exploit Post-COVID Return to Offices
The latest scam includes pelting recipients with emails purportedly from their CIOs welcoming employees back into offices.
The spoofed CIO email prompts victims to link to a fake Microsoft SharePoint page with two company-branded documents, both outlining new business operations.
If a victim decides to interact on either document a login panel appears and prompts the recipient to provide login credentials to access the files.
Just last month, as governments rolled out pandemic relief payments, attackers used fake U.S. aid payments to deliver Dridex Malware.
"COVID-19 has given us a window into how hackers can exploit human vulnerabilities during a crisis, with healthcare and pandemic-related attacks prevalent in 2020," Sivan Tehila with Perimeter 81 wrote recently for Threatpost.
Cybercriminals thrive on change and only become emboldened by it, rolling out new cybercrime offenses to exploit trending news events, she said.
News URL
https://threatpost.com/hackers-exploit-covid-office/166550/
Related news
- North Korean hackers exploit VPN update flaw to install malware (source)
- Blind Eagle Hackers Exploit Spear-Phishing to Deploy RATs in Latin America (source)
- Hackers Exploit PHP Vulnerability to Deploy Stealthy Msupedge Backdoor (source)
- Hackers use PHP exploit to backdoor Windows systems with new malware (source)
- Chinese Hackers Exploit Zero-Day Cisco Switch Flaw to Gain System Control (source)
- APT group exploits WPS Office for Windows RCE vulnerability (CVE-2024-7262) (source)
- APT-C-60 Group Exploit WPS Office Flaw to Deploy SpyGlace Backdoor (source)
- US offers $2.5 million reward for hacker linked to Angler Exploit Kit (source)
- South Korean hackers exploited WPS Office zero-day to deploy malware (source)
- Russian APT29 hackers use iOS, Chrome exploits created by spyware vendors (source)