Hackers have developed a phishing scheme that appears to legitimately come from the employee’s company. The user receives an email that some important looking emails have been held and must be reviewed within 3 days. When the employee clicks on the link, they are brought to the company’s legitimate website and are asked to enter their Outlook credentials. The screen is in fact an overlay screen that hackers then use to access the user’s credentials.
Your employees should be warned about this scam and informed to contact the IT department before opening such emails. Also, if the user hovers over the “Review Messages Now” link in the email, they will see that it is a suspicious link and not from the company. To read the full article on the security affairs website, click here.