Don't click that! How to spot an invoice impersonation attack that pretends to be from a coworker

Invoice impersonation attacks are on the rise, attempting to download malware that steals victims' credentials.

Finance workers are seeing a wave of phishing attacks that send victims a link to a fake invoice that appears to come from a trusted party, according to a new threat spotlight report from security firm Barracuda Networks.

These emails don't usually appear to be out of the ordinary, and guide the recipient to click on a link to an invoice. The sender's name is carefully chosen by the attackers to be someone the recipient knows and trusts.

If a victim clicks on the link, it typically begins downloading a .doc file for the supposed invoice. This is usually a malware download that could trigger ransomware, or steal the recipient's credentials from the browser.
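The warning signs described above (a display name borrowed from a known coworker, a payment or invoice request, and a link to a document download) can be checked mechanically before a message ever reaches a finance inbox. The following triage script is an added example, not code from the article or from Barracuda; the contact directory, the internal domain, the scoring rules and the two sample messages are all constructed assumptions for illustration.

```python
"""Heuristic triage for invoice impersonation emails (added example)."""
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed directory of trusted contacts: display name -> address on file.
# A real deployment would pull this from the company directory (assumption).
KNOWN_CONTACTS = {
    "jane doe": "jane.doe@example.com",
    "accounts payable": "ap@example.com",
}

INVOICE_WORDS = re.compile(r"\b(invoice|payment|remittance|wire)\b", re.I)
URL_RE = re.compile(r"https?://[^\s<>\"']+", re.I)
# Extensions the article's scenario hinges on (a .doc "invoice") plus common
# document and archive types an invoice lure tends to use (assumption).
RISKY_EXT = re.compile(r"\.(doc|docm|docx|xls|xlsm|zip|js|exe)(\?|$)", re.I)


def _body_text(msg) -> str:
    """Collect the text/plain parts of a parsed message as one string."""
    if msg.is_multipart():
        parts = [p for p in msg.walk() if p.get_content_type() == "text/plain"]
    else:
        parts = [msg]
    chunks = []
    for p in parts:
        payload = p.get_payload(decode=True) or b""
        chunks.append(payload.decode(p.get_content_charset() or "utf-8", "replace"))
    return "\n".join(chunks)


def triage(raw_email: str) -> dict:
    """Return the warning signs found in one RFC 822 message and a verdict."""
    msg = message_from_string(raw_email)
    display, addr = parseaddr(msg.get("From", ""))
    findings = []

    # Sign 1: display name of a known coworker, but the address is not theirs.
    expected = KNOWN_CONTACTS.get(display.strip().lower())
    if expected and addr.lower() != expected:
        findings.append("display_name_impersonation")

    # Sign 2: the subject or body asks about an invoice or payment.
    body = _body_text(msg)
    if INVOICE_WORDS.search(f"{msg.get('Subject', '')}\n{body}"):
        findings.append("payment_request")

    # Sign 3: the message carries a link, especially one to a document download.
    urls = URL_RE.findall(body)
    if urls:
        findings.append("contains_link")
    if any(RISKY_EXT.search(u) for u in urls):
        findings.append("link_to_document_download")

    # Sign 4: replies are steered to a different address than the sender's.
    _, reply_to = parseaddr(msg.get("Reply-To", ""))
    if reply_to and reply_to.lower() != addr.lower():
        findings.append("reply_to_mismatch")

    # Constructed scoring: impersonation plus a lure is quarantined outright;
    # a payment request with a link is held for human review.
    if "display_name_impersonation" in findings and (
        "payment_request" in findings or "contains_link" in findings
    ):
        verdict = "quarantine"
    elif "payment_request" in findings and "contains_link" in findings:
        verdict = "review"
    else:
        verdict = "pass"
    return {"findings": findings, "urls": urls, "verdict": verdict}


# Constructed sample messages (not real traffic).
PHISH = """\
From: "Jane Doe" <jane.doe@mail-invoices.example.net>
To: finance@example.com
Subject: Invoice #1042 due this week

Hi, please process the attached invoice today:
https://invoice-portal.example.net/inv1042.doc
Thanks, Jane
"""

BENIGN = """\
From: "Jane Doe" <jane.doe@example.com>
To: finance@example.com
Subject: Lunch on Thursday?

Are you free around noon?
"""

if __name__ == "__main__":
    for label, sample in (("phish", PHISH), ("benign", BENIGN)):
        print(label, triage(sample))
```

The display-name check is the one that does the most work here: a lookalike address is easy to register, but it cannot also be the address the directory has on file for that name, so a mismatch is a strong, cheap signal that is worth surfacing to the recipient as a banner or to the SOC as an alert.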

"As we continue to see these attempts grow in popularity, it's important to be aware of the warning signs in the messages," Lior Gavish, vice president of engineering and content security services at Barracuda Networks, wrote in the report.

Both examples cited in the report include a payment request and a link, the two major warning signs.

"You should always tread carefully around payment requests via email, and if there's ever a doubt, any suspicions should be sorted out before ever acting on the request," Gavish wrote. "Secondly, it's important to remember that any link you click could be malicious, so if you aren't certain that a particular link is safe — don't click on it."

The best way to prevent these attacks is via continuous employee training and testing to increase their security awareness, Gavish wrote. Many companies have begun running internal phishing attacks against their own employees as a way of educating them about the different types of cyberattacks.

Companies can also consider layering employee training with email security solutions that offer sandboxing and advanced threat protection to block malware before it reaches corporate email servers, as well as deploying anti-phishing protections.

The 3 big takeaways for TechRepublic readers

1. Finance workers are seeing a wave of phishing attacks that send victims a link to a fake invoice that appears to come from a trusted party.

2. If a victim clicks on the invoice link, it typically begins downloading malware that could trigger ransomware, or steal the recipient's credentials from the browser.

3. The best way to prevent these attacks is via continuous employee training and testing to increase their security awareness, as well as email protection tools.

Image: iStockphoto/weerapatkiatdumrong

About Alison DeNisco Rayome

Alison DeNisco Rayome is a Staff Writer for TechRepublic. She covers CXO, cybersecurity, and the convergence of tech and the workplace.
