There is a new campaign on the rise which is targeting users of the Ring video security system. The scammers send convincing phishing emails instructing people to click on an attachment file to update their membership.
Additional recommendations include (Source: INKY):
- Use your browser’s address bar to confirm that you’re on a real website instead of a local file.
- Confirm the domain of the website. In this case, recipients should be suspicious that the Ring login page is hosted on immobilmedia.com instead of ring.com."
- Be careful with display name spoofing. This example uses ‘Ring Video Doorbell’ as the display name, but recipients should be suspicious that the sender’s email address isn’t an authentic Ring email address.
- Always be suspicious when receiving HTML attachments from unknown senders. Simply opening the file can run malicious code on the recipient's computer.
Source: KnowBe4