Question
You work in IT as a cybersecurity specialist. You receive a call from Sam, and employee in the human resource office. He explains some of
You work in IT as a cybersecurity specialist. You receive a call from Sam, and employee in the human resource office. He explains some of the new employees who are onboarding reported receiving an email from someone who does not work for the HR department to validate personal data as part of the hiring process. The email from this mystery person had a URL directing the new employees to www.$taffing.com while the actual URL is www.staffing.com and had instructions attached on how to complete all requirements. The new employees stated they didnt want to risk not receiving their new job and since the URL was functional and worked, they input all of the requested data into the fake website. They do not know all of the employees in HR because they are new, and assumed the email was legitimate.
For your initial post:
What type of attack is this, what would you do in this situation (incident response), and how would you prevent this scenario from reoccurring again in the future?
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started