BladesDynamicDemoBlade

Tripwire logo

News

Kim komando logo

Bleeping computer logo

Scammers are trying to steal email credentials from employees by impersonating their organization's human resources (HR) department in phishing emails camouflaged as internal 'back to work' company memos.

Phishing lures employees with fake 'back to work' internal memos

People make the mistake of thinking that scammers only go after computer novices or senior citizens, but the truth is they’re targeting everyone — including working Americans. There are numerous examples of hackers spreading malware with imposter emails that look like they came from a boss or co-worker.

Warning: This Zoom invite is a clever phishing scam

Bank info security logo

Enterprise security tech logo

The company’s task force dedicated to tracking down COVID-19 cyber security threats said it discovered fraudulent emails impersonating a Chinese business executive at a credible cold-chain supply company. The emails, dating back to September, targeted organizations across six countries, including Italy, Germany, South Korea, Czech Republic, greater Europe and Taiwan.

IBM Uncovers Global Email Attack on COVID Vaccine Supply Chain

Researchers at Abnormal Security have uncovered a credential-stealing phishing campaign that spoofs internal company memos concerning returning to the office.

'Return to Office' Phishing Emails Aim to Steal Credentials

Homepage

Breadcrumbs

Abnormal AI provides advanced email security to prevent credential phishing, business email compromise, account takeover, and more.

Abnormal AI

A phishing campaign used what appeared to be back-to-work notifications in order to compromise recipients’ corporate email accounts. Near the end of November, Abnormal Security detected one of the campaign’s attack emails. That message masqueraded as an internal notification from the recipient’s company.

Back-to-Work Phishing Campaign Targeting Corporate Email Accounts

A phishing campaign used what appeared to be back-to-work notifications in order to compromise recipients’ corporate email accounts. Near the end of…

description

used, appeared, back-to-work, notifications, order, compromise, recipients’, corporate, abnormal, security, detected, campaign’s, internal, notification, campaign

keywords

https://images.abnormalsecurity.com/production/images/press/tripwire-logo.png?w=1200&h=630&q=82&auto=format&fit=crop&dm=1632180586&s=38ad64dcc3332ee29c5b3c344948f80e

https://abnormal.ai/about/news/back-to-work-phishing-campaign-targeting-corporate-email-accounts

referrer

robots

twitter:card

twitter:creator

twitter:description

https://images.abnormalsecurity.com/production/images/press/tripwire-logo.png?w=800&h=418&q=82&auto=format&fit=crop&dm=1632180586&s=e9f663ded0dd3f586b667e793d6180b7

twitter:image

twitter:image:alt

twitter:image:height

twitter:image:width

twitter:site

twitter:title

{"title":{"title":"Back-to-Work Phishing Campaign Targeting Corporate… | Abnormal AI"}}

Demo

Schedule a Demo

AI's Role in Cyber Defense

CNBC Disruptor 50: Abnormal Security

Generative AI Could Revolutionize Email—for Hackers

Ones to Watch in Tech

Email Subscribe

<p>Subscribe to our newsletter to receive updates on the latest attacks and new trends in the email threat landscape.</p>

Newsroom

Introducing Abnormal’s Biggest Product Release Yet

<p>Announcing Our Biggest Product Release Yet</p>

vs Mimecast

vs Avanan

Secondary CTA

Whether FormComplete is utilized on a form

FormComplete

CTA Display

What text is displayed on the primary CTA (see sheet for details on copy)

Primary CTA Text

Form Columns

chakra-ui-ChakraProvider

Button

EmbeddedVideo

EyebrowText

Footer

Screen

PrimaryCtaText

FormColumns

CtaDisplay

VsMimecast

SecondaryCta

VsAvanan

Abnormal Solutions

react-awesome-reveal

lottie-react

date-fns

plasmic-nav

react-scroll-parallax-global

plasmic-embed-css

Abnormal Pages

loading-boundary

plasmic-query

plasmic-basic-components

Abnormal Legal

Abnormal Why Abnormal

Abnormal Landing Pages

react-aria

plasmic-rich-components

Abnormal Partners

Abnormal Products

Abnormal Design System

Abnormal Marketing

antd5 hostless

react-slick

Gartner mq 4x

Analyst Research

Gartner names Abnormal a Leader in Email Security Platforms, placed furthest for Completeness of Vision.

Abnormal Named a Leader in 2024 Gartner® Magic Quadrant™

Email Security

B 1500x1500 MKT856 Aimpoint report 1

White Papers

Discover how replacing your SEG with Abnormal’s behavioral AI boosts protection, cuts costs, and reduces manual work—backed by real customer results.

The Unexpected Benefits of Replacing a Secure Email Gateway with Abnormal AI

Abnormal Platform

B 1500x1500 Aim Point SAT Awareness Survey Report

Discover why traditional SAT programs are falling short and how modern, AI-enhanced approaches reduce human risk and improve your security posture.

2025 State of Security Awareness Training

B Inside the AI Arms Race Malicious AI WP

Discover how attackers are abusing trusted AI tools and using malicious GPTs to scale cybercrime—and how to stay ahead of the threat.

Inside the AI Arms Race: How Cybercriminals Exploit Trusted Tools and Malicious GPTs

Generative AI

B H1 2025 Email Threat Report

Threat Reports

Learn how the malicious use of AI is amplifying the impact of BEC, VEC, and phishing attacks in our latest threat report.

H1 2025 - Adversarial AI: Attacker Innovation Escalates Advanced Email Threats

Back-to-Work Phishing Campaign Targeting Corporate Email Accounts

See How Abnormal AI Protects Humans