The bad guys know how easy it is to trick you with emails that spoof–or appear to come from–your Human Resources team. These attacks are everywhere right now. The emails are often centered around topics such as “new” or “changed” policies, employee benefits, employee handbooks, payroll, and W-2 information.
Whenever you receive an email from your HR team, you may feel compelled to open the email and address it right away. The sense of authority that comes with HR emails is how the bad guys trick you. They’re counting on you falling victim to this sense of authority so you end up clicking before you think.
If you receive a suspicious email appearing to come from your HR team, or an HR-related service, always remember the following:
- Do not click on any links or download any attachments before picking up the phone and speaking with someone who can confirm the request is valid.
- Log in to the HR-related service account through your browser (not through links in the email) to check the validity of the information in the email.
Stop, Look, and Think. Don’t be fooled.