Cybercriminals recently targeted European diplomats by impersonating representatives for the ambassador of India. They each received a fake invitation to an exclusive wine-tasting party. But, the invitation was actually a trick to install malware onto their devices. This type of scam could be used to target anyone, so let’s take a closer look at how it worked.
The scam starts with a simple phishing email that includes an attached PDF file. The PDF file is a convincing invitation to a party, complete with official-looking letterhead and contact information. The invitation asks you to complete a questionnaire in order to reserve your spot. If you click the questionnaire link, you are redirected to a website that automatically downloads malware onto your device. Once installed, the malware hides on your device and sends data back to the cybercriminals.
Follow the tips below to stay safe from similar scams:
- Be cautious of unexpected and exciting opportunities. Remember, if something seems too good to be true, it probably is!
- When you receive an email or invitation, stop and look for red flags. Consider the timing of the invitation and look for any spelling or grammatical errors.
- Never click a link or download an attachment in an email that you weren’t expecting.
Never be embarrassed if you think you may have clicked on something harmful, or if you’re unsure if a message, call, or email is legitimate!
Please report it to phish@appstate.edu.