Pay raises were used by scammers to bait employees in a recent phishing campaign that tried to trick them into handing out their Microsoft Office 365 account credentials.
The attackers posed as their targets' Human Resources department and asked them to open an Excel spreadsheet with a salary-increase-sheet-November-2019.xls filename hosted online and supposedly containing a list of salary increases.
"The threat actor attempts to make the email appear to come from the target company by manipulating the 'from' field in the headers," researchers at the Cofense Phishing Defense Center (PDC) found.
"In particular, the threat actor changes the part of the from field that dictates the “nickname” displayed in the mail client to make it appear as if it originated within the company."
![[correlate]](/data/avatars/m/79/79653.jpg?1556985072){kind=avatar}
