Security News > 2021 > May > Hackers Exploit Post-COVID Return to Offices
The latest scam includes pelting recipients with emails purportedly from their CIOs welcoming employees back into offices.
The spoofed CIO email prompts victims to link to a fake Microsoft SharePoint page with two company-branded documents, both outlining new business operations.
If a victim decides to interact on either document a login panel appears and prompts the recipient to provide login credentials to access the files.
Just last month, as governments rolled out pandemic relief payments, attackers used fake U.S. aid payments to deliver Dridex Malware.
"COVID-19 has given us a window into how hackers can exploit human vulnerabilities during a crisis, with healthcare and pandemic-related attacks prevalent in 2020," Sivan Tehila with Perimeter 81 wrote recently for Threatpost.
Cybercriminals thrive on change and only become emboldened by it, rolling out new cybercrime offenses to exploit trending news events, she said.
News URL
https://threatpost.com/hackers-exploit-covid-office/166550/
Related news
- Top 3 MS Office Exploits Hackers Use in 2025 – Stay Alert! (source)
- Hackers Exploit Severe PHP Flaw to Deploy Quasar RAT and XMRig Miners (source)
- Hackers Exploit WordPress mu-Plugins to Inject Spam and Hijack Site Images (source)
- Russian Hackers Exploit CVE-2025-26633 via MSC EvilTwin to Deploy SilentPrism and DarkWisp (source)
- Hackers exploit WordPress plugin auth bypass hours after disclosure (source)
- Hackers exploit old FortiGate vulnerabilities, use symlink trick to retain limited access to patched devices (source)
- Russian Hackers Exploit Microsoft OAuth to Target Ukraine Allies via Signal and WhatsApp (source)
- Hackers Exploit Critical Craft CMS Flaws; Hundreds of Servers Likely Compromised (source)