'HARASSMENT COMPLAINT' Email Scam
Email tactics have been around since the dawn of the Internet. We, as humans, have a desire for the unearned and cybercriminals, have developed numerous tricks and social engineering techniques to trick us. Often, email tactics would claim that the user has won and an expensive item or an exotic holiday or resort to fear-mongering tricks to achieve their end goal.
Email Poses as a Sexual Harassment Complaint
The 'HARASSMENT COMPLAINT' email scam is a new trick that can be seen to deliver a variety of different messages, which are crafted carefully based on information about the recipient, such as their field of work or their profile. The message would state that the user has been accused of sexual harassment and it is being sent by the 'U.S. EQUAL EMPLOYMENT OPPORTUNITY COMMISSION.' You can see how, in the era of 'Me Too,' cyber crooks have decided to take this route when tricking users. The user is urged to download what seems like an attached file in the shape of a Microsoft Word document.
Users should be aware that the U.S. Equal Employment Opportunity Commission does not deliver complaints of this sort via email. This is important documentation, and it is not handled in such a careless manner certainly. If you have happened to receive a similar email, be sure that it is not the U.S. Equal Employment Opportunity Commission who is sending it, but it is cybercriminals who are attempting to trick you.
Delivers the TrickBot Trojan
However, if the recipient does open the attached file, they will see a bogus document that claims that the user needs to 'Enable Editing' or 'Enable Content.' With a message sounding as serious as a sexual harassment complaint many users may fall for this trick. If they click on the 'Enable Editing' or 'Enable Content' button, a corrupted macro-script, which was hidden in the document, will be executed. This will deploy a threat known as the TrickBot Trojan.
Users need to be more than careful when opening emails from unknown sources if they are also urged to launch an attached file especially, as this is a common trick used by cybercriminals worldwide.