Cybercriminals are always coming up with new methods to steal your information and access your network. In a recent fraud, thieves used contact forms to get through email filters and install malware on victims’ computers. This is know as contact form fraud.
Scammers claim to be prospective clients who wish to seek an estimate for this kind of fraud. In order to get a quotation, the cybercriminal enters a contact form on the website of the firm. In the form, the cybercriminal may use a fake domain to make themselves look more authentic and trustworthy.
Inevitably, a representative from the company will respond to the request for a price quotation. Because the employee seems to be in touch with a possible customer, most email filters will not detect the response as being spam.
An employee will be infected with malware, after which the cybercriminal will return to his or her location via a file-sharing service. The virus in the file may infect the employee’s computer and enable the cybercriminal to get access to the whole organization’s network if the employee opens the file.
Don’t get taken in by this sort of fraud! To stay safe, follow the guidelines listed below:
- When you get an email, take a moment to consider if it contains any red signals. Check for emails that were sent outside of work hours or that have a large number of spelling or grammatical problems, to name a few examples.
- Keep an eye out for bogus attachments that are exchanged over a file-sharing service. It is possible for cybercriminals to circumvent antivirus protection by using file-sharing platforms.
- Even if an email seems to have been sent by a genuine source, proceed with caution. Keep in mind that fraudsters are capable of spoofing domains. If you need to confirm that an email is real, you should attempt to contact the sender directly through a phone call or text message.
