Image
Image
Your account [email protected] password expires today 11/11/2019 6:26:44 a.m. Please kindly use the button below to continue with the same password Keep same password NOTE : This is a one time user verification carried out in purpose to provide a more secured platform and shut down robot or malicious users created in purpose of spamming and other fraudulent activities . Copyright © 2019 example.com security managementNot surprisingly, the "Keep same password" does not lead users to an IT portal where they're given the chance of keeping the same password. That's because their password is not set to expire to begin with. Instead, the email redirects users to a fake page that asks them to authenticate themselves with their corporate mail server. Users who comply inadvertently hand over their account credentials to the individuals responsible for the campaign. Those malicious actors can then use those details to perform a business email compromise (BEC) attack, at which point they can then commit CEO fraud and/or stage other secondary attacks. This attack highlights the need for organizations to protect their employees against attacks that attempt to trick recipients into handing over their account credentials. They can do this by leveraging their security awareness training programs to educate their workforce about some of the most common types of phishing attacks. This resource is a great place to start.
