
Look out for New Year's HR phishing scams



Happy Friday and Happy New Year!


The New Year is familiar ground for HR when it comes to deadlines: open enrollment for health insurance, 401(k) updates and employee reviews. According to a new post by Cofense Email Security, scams built around these HR deadlines are surging, so expect to see some in your inbox.


The Takeaway

That post I mentioned has screenshots of some sample scam emails, but I'll give you the shortcut. Here's what to look out for:


1) QR Codes. QR codes started showing up in scam emails last year. It's clever, since the pandemic made QR codes the norm instead of something only nerdy people like me used.


A QR code is just an image, so the malicious URL inside it never appears as text or as a link in the message body, and the URL scanning and link rewriting that email protection services rely on never see it. Worse, the user scans it with a phone, so the click happens on a personal device, outside your web filtering and endpoint protection. That's not to say a service such as Proofpoint can't stop these emails from coming in - it might catch them based on other heuristics, such as the message coming from a first-time sender or containing suspicious text. But we've seen these QR codes sail right through into users' mailboxes, so keep an eye out. Treat an unexpected QR code in an email the way you'd treat an unexpected link: don't scan it, report it.


2) Email Attachments. It's unfortunate, but we've seen malicious email attachments come through from trusted senders whose email accounts had been compromised. Worse, if the criminal has been monitoring the victim's mailbox, they can insert their own message into an ongoing back-and-forth about a payment and steal the funds by changing a few details on the invoice or in the correspondence, namely the bank account and routing numbers. Because the message comes from the real account, in the real thread, nothing about the sender looks wrong; the only tell is that the payment details changed. Any change to a vendor's bank details should be verified by phone, using a number you already have on file and not one from the email.


We've seen funds disappear like this in amounts anywhere from $30K to $450K, and it's often weeks or months before the victim realizes the money was wired to the wrong place. By then it's usually too late - the money is long gone. Banks can sometimes recall a fraudulent wire if they're notified within the first day or two, so if you suspect a payment went to a scammer, call your bank and report it to the FBI's IC3 immediately rather than waiting until you're sure.
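One way to catch the invoice swap described above is to treat the vendor's bank details on file as the only source of truth and flag any message in a thread that mentions different ones. The script below is an added example, not code from the original post or from Cofense. The thread, the addresses (all on .example domains), the invoice number and the bank numbers are constructed for illustration; the routing-number check digit it verifies is the standard ABA mod-10 weighting (3, 7, 1), which is the only real-world detail in it.

```python
"""Flag a payment-detail change inside an ongoing email thread.

Added example, not code from the original post or from Cofense. The
sample thread, addresses (.example domains), invoice number and bank
numbers are all constructed for illustration.
"""
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Loose patterns for the two numbers a BEC invoice swap changes.
ROUTING_RE = re.compile(r"\b(?:routing|aba)\D{0,10}(\d{9})\b", re.I)
ACCOUNT_RE = re.compile(r"\b(?:acct|account)\D{0,10}(\d{6,17})\b", re.I)


@dataclass
class Message:
    sender: str      # From: address
    reply_to: str    # Reply-To: address, "" if absent
    body: str


def domain(addr: str) -> str:
    return addr.rsplit("@", 1)[-1].lower()


def extract_bank_details(body: str) -> Tuple[Optional[str], Optional[str]]:
    """Return (routing, account) mentioned in the body, None where absent."""
    r = ROUTING_RE.search(body)
    a = ACCOUNT_RE.search(body)
    return (r.group(1) if r else None, a.group(1) if a else None)


def aba_checksum_ok(routing: str) -> bool:
    """Standard ABA routing-number check digit: weighted sum (3,7,1) mod 10 == 0.
    A typo or a made-up number fails; a real mule account's number passes, so
    this only catches sloppy scammers and never replaces a phone call."""
    if len(routing) != 9 or not routing.isdigit():
        return False
    weights = (3, 7, 1, 3, 7, 1, 3, 7, 1)
    return sum(int(d) * w for d, w in zip(routing, weights)) % 10 == 0


def review_thread(thread: List[Message],
                  known: Tuple[str, str]) -> List[Tuple[int, List[str]]]:
    """Walk the thread in order and return (index, reasons) for every message
    whose bank details differ from the vendor record on file.

    `known` is (routing, account) from the vendor master record, established
    out of band. It is deliberately never updated from the emails themselves:
    the whole attack is that the "new details" arrive in a trusted thread.
    """
    findings = []
    for i, m in enumerate(thread):
        routing, account = extract_bank_details(m.body)
        if routing is None and account is None:
            continue                       # no payment details, nothing to check
        reasons = []
        if routing is not None and routing != known[0]:
            reasons.append(f"routing number changed {known[0]} -> {routing}")
        if account is not None and account != known[1]:
            reasons.append(f"account number changed {known[1]} -> {account}")
        if routing is not None and not aba_checksum_ok(routing):
            reasons.append("routing number fails ABA check digit")
        if m.reply_to and domain(m.reply_to) != domain(m.sender):
            reasons.append(f"Reply-To domain {domain(m.reply_to)} "
                           f"differs from sender domain {domain(m.sender)}")
        if reasons:
            findings.append((i, reasons))
    return findings


# Constructed sample: a vendor thread with the attacker's message inserted last.
VENDOR_ON_FILE = ("123456780", "55001122")          # constructed, passes ABA check
SAMPLE_THREAD = [
    Message("billing@acme-widgets.example", "",
            "Invoice 4471 attached. Routing 123456780, account 55001122. Net 30."),
    Message("ap@customer.example", "",
            "Thanks, scheduling payment for Friday."),
    # Sent from the real (compromised) vendor account; the lookalike Reply-To
    # keeps the victim's replies away from the mailbox's true owner.
    Message("billing@acme-widgets.example",
            "billing@acme-widgets-invoices.example",
            "Quick update before Friday: our bank changed. "
            "New routing number 222371863, account 998877665."),
]

if __name__ == "__main__":
    for idx, reasons in review_thread(SAMPLE_THREAD, VENDOR_ON_FILE):
        print(f"message {idx} from {SAMPLE_THREAD[idx].sender}:")
        for r in reasons:
            print("  -", r)
```

The design point is in `review_thread`: the record on file is compared against but never updated from the thread, so a "we changed banks" message is always surfaced for a human to verify by phone, no matter how legitimate the sender looks. The Reply-To check is a bonus signal for the variant where the attacker wants to hide the conversation from the real mailbox owner; it is absent when they simply read and reply from the compromised account, which is why the bank-detail comparison has to carry the weight.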


These scammers are sophisticated, and if you're wondering who they are, do a Google search for the Black Axe cybergang out of Nigeria. Yes, the same people behind the 419 emails everyone laughed at a decade ago, about the long-lost Nigerian prince who needed your help to access his fortune - they never stopped. But instead of targeting home users, they've shifted to businesses, where the transactions and payouts are orders of magnitude larger.


Black Axe is a fascinating (and terrifying) group that even employs witchcraft and voodoo to improve its luck at scamming people. The latest episode of Darknet Diaries goes into some detail about this criminal enterprise. Either way, keep an eye on your inbox!


Stay safe out there.




PS. If you think this email might be of value to a friend or colleague, feel free to forward it along.   

New Friday Funnies


Q: What’s Friday the 13th?  

A: The day of the year that people blame witchcraft for their regular stupidity.

