Contact Form Fraud
Contact Background Image

Contact Form Fraud

Cybercriminals are always devising new ways to steal your information and attack your network. In a recent scam, cybercriminals use contact forms to bypass email filters and install malware.

In this scam, a cybercriminal pretends to be a potential client who wants to request a quote. To request a quote, the cybercriminal submits a contact form on an organization’s website. In the form, the cybercriminal may spoof a legitimate domain to appear more reputable.

Inevitably, an employee from the organization will reply back to the quote request. Since the employee seems to be initiating contact with a potential client, most email filters won’t flag the reply. The cybercriminal will then use a file-sharing service to send a malware-infected file back to the employee. If the employee opens the file, the malware can infect their computer and allow the cybercriminal to access their organization’s entire network.

Don’t fall for this type of scam! Follow the tips below to stay safe:

  • When you receive an email, stop and look for red flags. For example, watch out for emails that were sent outside of business hours and emails that contain multiple spelling or grammatical errors.
  • Watch out for fake attachments shared using a file-sharing service. Cybercriminals can use file-sharing services to bypass antivirus software.

Even if an email seems to come from a legitimate sender, remain cautious. Remember, cybercriminals can spoof domains. If you need to verify that an email is legitimate, try reaching out to the sender directly through phone call or text message.


Stop, Look, and Think. Don’t be fooled.

Protect your network! Learn more about security awareness training for your team.

Like this article?

Share on Facebook
Share on Twitter
Share on Linkdin
Share on Pinterest

More Posts

MFA to Zero Trust Image
Cybersecurity

How to go from MFA to Zero Trust

Increased connectivity, coupled with the rise of remote and hybrid work, is prompting organizations to evolve their user access security and make strides toward a

Cybersecurity Training Image
Cybersecurity

Yearly Cyber Training Doesn’t Work

If you’re sticking to once-a-year sessions for your employees, it’s time to rethink your approach. Let’s face it, it’s likely dull and uninspiring. And if

Fact vs Myth Image
Cybersecurity

Debunking 5 Common Internet Myths

In the vast landscape of the internet, myths and misconceptions often abound, shaping our perceptions and influencing our online behaviors. At Citynet, we’re committed to

SuperPod with WiFi 6E

Plume SuperPod WiFi 6E Specs

SuperPod with WiFi 6

Plume SuperPod WiFi 6 Specs

SuperPod

Plume SuperPod Secs