Good news ! Hackbusters community is waiting for you !
KnowBe4 has been running the HackBusters site for a few years now, providing you with trending IT security news. We are expanding it and have launched a new exciting online community! The forum is divided into four main topics or categories: Social Engineering, Ransomware, Phishing and Security Awareness Training. You are invited to be one of the first to join us at:

Beware: These Scams Turn Open Enrollment into Open Season for Phishing


Last fall, PhishMe warned you about scams that use phishing to steal your health savings account (HSA) details during open enrollment periods. This year we are seeing a variety of phishing scams that can take advantage of your year-end diligence in managing personal and corporate assets.

We saw this red flag early.

As an enterprise employee you may have several different types of deductions from your paycheck—some to take advantage of tax benefits and some just for convenience. Fraudsters know this, and they are spoofing payroll deduction services. In mid-September PhishMe recorded phishing messages that suggested an employee needed to log in to an “Enterprise Payroll Deduction website.”

Figure 1 Phishing message suggesting recipient log in to manage a payroll deduction

Although the page was down when we viewed it, the same domain is currently hosting phishing pages that spoof a school lunch money deduction service.

Figure 2 Sapphire at School phishing page on volanteportal...(continued)

View All Trending Stories