Unfortunately, we're always talking about cyber scams. Why? Because they work, and people continue to fall for them. And now there's another new trick they are using.
Cybercriminals are savvy and use what is at their disposal. As a result, they're forever coming up with new ways to infiltrate your devices and networks to access your valuable data.
Fortunately, as defense, our weapons continue to get more robust to help keep you protected. Many email systems are now especially good at identifying malicious messages and threats to protect you and your business.
The new method is to use your website contact form – and most have one – to launch the new threat. That's because cybercriminals use a web form to spread malware and gain access to your computer.
How: The criminals are posing as a potential new clients asking you to provide them with a quote for your goods and services.
Once you have emailed your reply to their request, they'll send you a link to a file that is relevant to your conversation.
Crucially, this file won't be attached to the email. Instead, they will send it via a file-sharing service, such as WeTransfer. Again, this is to bypass your email provider's protection.
Think about the psychology (aka social engineering) of what's happening here. Whoever in your business manages this conversation thinks they are talking to a prospective new customer. So, unfortunately, they are much more likely to click on the link and open the file (even without thinking about it because it originated from a trusted source, your website).
But remember, all your staff members wanted to do was to start down the road to a new client and sale, just like they have done hundreds of times before.
The fact that the conversation started with your website's contact form lowers their natural skepticism. And unfortunately, when they opened the file, it gave the cybercriminals remote access to your device, even if it was for a short period. It was just long enough to allow them to access your entire network and establish persistence. Then they wait to launch a malware or ransomware attack at their leisure.
Ransomware is something you want to avoid at all costs. It's where your data is encrypted and becomes useless to you. Unfortunately, many pay a hefty ransom fee to get it back… with absolutely no guarantee that the payment will work, or the decryption process will be successful.
Experts believe this form of the "contact form" abuse was first tested on large businesses in December 2021. However, most also believe it's becoming more popular, targeting small businesses.
It's vital that you and your team verify that requests sent via your website are genuine. And never, ever open any files emailed or open linked files unless you trust the source 100%.
Don't hesitate to contact us if we can help keep your business protected or train your team on the threats to be aware of.
