In an increasingly common approach, scammers are targeting recent hires, purporting to be corporate executives at the individuals’ new companies. Employees are asked to complete tasks such as sharing personal information, purchasing a gift card for a client, or wiring funds to another business. The new employee is tempted to do as asked, as the scammers prey on eagerness to make a good impression and lack of context as to what’s reasonable at the company.
Scammers seemingly gather information by scraping LinkedIn for job changes and corporate titles, then cross-reference their new knowledge with email addresses and phone numbers stolen in data breaches. The best defense is awareness: add security training to your onboarding process. Teach new employees to distrust unsolicited messages from unfamiliar addresses or numbers, to be wary of unusual requests, and to check with a trusted source within the company before replying.
