Back to Office: Fax and scan phishing attacks increase

Thales veröffentlicht seinen Global Data Threat Report 2021

Security Awareness – Phishing via fax and scanner

By Jelle Wieringa, Security Awareness Advocate at Knowbe4

Jelle Wieringa, Security Awareness Advocate at KnowBe4

Thanks to the worldwide success of vaccination and the slowly weakening number of cases, more and more employees are returning to the formerly familiar office environment. Some companies are now breathing a sigh of relief as they also expect better information and IT security. But as always with this cat and mouse game, the cybercriminals are one step ahead of them. More employees in the office hot for you that you can adjust your phishing activities to the changed situation.

An investigation by Avanan now shows that more phishing attempts are being made via fax and scan. In the end, countless printers and fax machines are waiting for the employees in the offices. They are the gateway to the corporate network. The phisihing campaign, which has now been revealed, shows a significant increase in phishing emails related to fax and scanners in May.

According to Avanan’s data, from January to April there were just over 53,000 phishing emails asking the recipient to check a fake fax or scan with a malicious link. This equates to about 13,000 emails per month that use this type of theming and look similar to the one below.

Figure 1: Phishing by fax (Source: Avanan)

But in May alone, that number rose to 65,000 – a 500 percent increase, which fits perfectly with the fact that many companies are asking their employees to return to work.

When employees return to the office, companies should adapt their security strategy to the new circumstances, as the attackers ultimately did. In addition to technical measures, organizational measures are particularly suitable. A continuous security awareness training for all employees is helpful, in which they are informed about these and other topics of phishing attacks and kept up to date with the latest scams and social engineering tactics so that they can protect themselves and the company from cyber attacks.

Ready to see us in action:

More To Explore
Enable registration in settings - general
Have any project in mind?

Contact us: