Cybersecurity experts discovered a new malware attack in which cybercriminals are posing as human resources staff.
Some of the phishing emails claimed to contain "amendments to the medical leave procedure" for employees. Others inform the employee that he or she "is being laid off".
When the employee opens the attachment contained in the email, the victim's device is infected with malware. The cybercriminals can then access their victim's data as well as the organization's network.
Some attachments contain a Trojan-Downloader.MSOffice.SLoad.gen file that allows cybercriminals to download and install encryptors.
Phishing attacks have become more targeted recently, focusing on small organizations. "Hackers Are Posing as HR & Sending Lay-Off Mails to Push Malware" thequint.com (Aug. 22, 2020).