The latest Cyber Security Tips from Information Security Specialist, Karina Rosario.

A recent phishing scheme that INKY researchers uncovered is an illustration of how well-known name brands can be leveraged to trick unwary customers. This scam starts with an apparently innocent email from a PepsiCo employee asking for a price to buy something your company sells. The attached is a malicious file that is posing as a Request for Price (RFQ). A business can easily ask several suppliers how much they would charge for a certain commodity or service by sending out a request for bids, or RFQ.

These cybercriminals pretend to be PepsiCo to mimic the email address in a phishing attempt. In several instances, they even use the name of an actual PepsiCo employee. Common business terminology is used in the email to increase credibility. It also conveys a sense of urgency by threatening to take action if you delay. The chance that you'll fall for the bait is increased by this urgency and the well-known PepsiCo brand.

Follow these tips to stay safe from similar scams:

• Verify the email address and get in touch with the company using an alternative channel, such as their official phone number, even if the sender seems trustworthy.

• Watch out for hurried requests. Review and consider carefully for a moment, particularly if there is a deadline for a response in the email.

• Refrain from clicking links or opening attachments in unsolicited emails.

Source: The KnowBe4 Security Team

‍