The Cybersecurity and Infrastructure Security Agency (CISA) reported an email phishing scam that looks like an official Department of Homeland Security notice. The malicious email uses a spoofed email address that appears to be a National Cyber Awareness System alert. If the attachment in the email is opened, it downloads malware onto the user’s system.
CISA has the following tips to avoid succumbing to phishing attacks:
- Be wary of unsolicited emails, even if the sender seems to be known.
- Use caution opening links and attachments.
- Report suspicious emails to your IT department or email provider.
All businesses should remind employees on an ongoing basis about phishing schemes and safe email practices.
