IT-to-REMIND PHISHING

New year, new fraud emails. This year too, email will be the favourite channel for cybercrime.
With accurate text and a sender that resembles the original, it is easy to fall into the trap.
The first attacks have damaged Nexi-Carta Sì and Federazione Ordini Farmacisti Italiani.
The first one was sent from a Top Level Domain: this domain category has an .it extension and an SSL certificate, so it is easy for a user to let their guard down, click the link and enter their username and password on fake sites.
The second one is a fake PEC, a type of email that is perceived as important; for this reason you might open it and its attachments, which carry malware.
Trends show that cybercriminals aim at account takeover (obtaining the usernames and passwords of sites) and BEC (business email compromise) attacks, in which the email sender looks like a customer, a supplier or a government address.
How to protect yourself and your company?
Never let down your guard.
Pay attention to unexpected emails.
BEC attacks pass through anti-malware systems because they carry no malicious software; they are highly customized and look polished and grammatically correct.
If you receive an email informing you about an IBAN change from a customer, phone them to ask whether it is true.
Be careful about the email address: it is easy for criminals to create a similar address by adding a dot or a dash or using a plural form.
If you are not sure, don’t click the links.
Stay informed about news in cybercrime.
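
The check on look-alike addresses described above (an extra dot, a dash, a plural form) can be partly automated. The following Python check is an added example, not part of the original article; the trusted domains and the function names are constructed for illustration.

```python
from email.utils import parseaddr

# Constructed sample data: domains your company really deals with.
TRUSTED_DOMAINS = {"example-supplier.it", "customer.example"}


def _skeleton(domain: str) -> str:
    """Collapse the variations named in the article: dots, dashes, plural 's'."""
    name, _, tld = domain.lower().rpartition(".")
    name = name.replace(".", "").replace("-", "")
    if name.endswith("s"):
        name = name[:-1]
    return f"{name}.{tld}"


def classify_sender(from_header: str, trusted=TRUSTED_DOMAINS) -> str:
    """Return 'trusted', 'lookalike' or 'unknown' for a From: header value."""
    _, address = parseaddr(from_header)
    if "@" not in address:
        return "unknown"
    domain = address.rpartition("@")[2].lower()
    if domain in trusted:
        return "trusted"
    # Same skeleton as a trusted domain but not identical: a near copy.
    if _skeleton(domain) in {_skeleton(t) for t in trusted}:
        return "lookalike"
    return "unknown"


if __name__ == "__main__":
    # Constructed sample headers.
    for header in (
        "Accounts <billing@example-supplier.it>",
        "Accounts <billing@examplesupplier.it>",
        "Accounts <billing@example-suppliers.it>",
        "Accounts <billing@example.supplier.it>",
        "Someone <info@unrelated.example.org>",
    ):
        print(f"{classify_sender(header):10} {header}")
```

A "lookalike" result is a reason to phone the real contact before acting on the message; an "unknown" result only means the domain is not on your list.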