b'YOUR TOOLKIT FOR BUILDING EXCELLENCECLONE PHISHINGCYBER SECURITYBy: Jack GerbsQuanexusC lone phishing attacks are a new type of socialare more likely to click on the new email engineering attack that can be more difficultto see what changed. Cloning the original to detect than typical phishing emails. Cloneemail creates a more trusting environment phishing attacks generally use a clone of a legitimatewhere users are less likely to check links email to entice users to click a link or enter information.or email addresses. In the event of a business email A standard clone phishing tactic would be an emailcompromise, the email could come from a real and that looks like its from PayPal on the same day oftrusted email address, increasing the likelihood that the month you typically receive your account balanceusers will click the malicious link.notification. The email would look exactly like the oneLike other phishing campaigns, the malicious links ask users receive every month and might even show a highfor personal information, login credentials, or credit or past-due balance to create urgency and make userscard information which should be the first red flag for more likely to click the link. users. Criminals are also using clone phishing tactics Another form of clone phishing can be a follow-up to anto install malware which can be more challenging to initial email. Clone phishing emails can appear to comedetect.from a company or colleagues inside your businessUsers should be aware of this new phishing tactic if a business email compromise (BEC) has occurred.and be reminded to think before you click especially Hackers will resend the previous email and refer toduring the holiday season. Like other phishing tactics, updated links or resources in the new email. Since thecriminals try to create urgency with clone phishing to attack is based on a previously received email, userssteal data. FRAME BUILDER - AUG023 / 17'