Following up on my post about a Phishing Example, the people behind these phishing attacks have sunk to a new low.
Playing on the fears of active shooter events, especially at schools, these latest phishing scams try to trick you into clicking on a link related to an event on a college or high school campus. When you click the link, you are presented with a fake Microsoft login screen to try to steal your Microsoft Account credentials. This started in Florida, but will like quickly spread around the country, so be on the lookout!
Security firm KnowBe4 sent out the following advisory related to this new, low trick:
“Heads-up. You’d think it could not get any worse, but some bad guys have sunk to a new low. They are now exploiting recent active shooter events on campus to get people panicked and “click-by-reflex” to find out if a loved one is safe.
This same phishing attack could be used against any organization with an active shooter protocol and training in place. If you see emails with titles like:
- “IT DESK: Security Alert Reported on Campus”
- “IT DESK: Campus Emergency Scare”
- “IT DESK: Security Concern on Campus Earlier”
Please think before you click, and look for any red flags related to a phishing scam.”