电子邮件骗子使用旧伎俩与新花样

为了躲避疫情，很多员工都在家里做生意，骗子们加大了他们的骗术，以恐吓受害者，使其落入“获取证书”的陷阱。

两份新的报告揭露了数字诈骗者使用旧方法在不知不觉中放弃个人或公司网上银行和服务器门户的登录凭据。这两份报告的重点是如何避免成为企业或消费者的受害者。

Armorblox提出了一个新的威胁:除非潜在的受害者立即更新并确认他们的账户信息，否则他们将回收不活动的地址。这就导致了可怕的收件人输入他们的合法电子邮件地址和密码信息。

第二份报告是由电子邮件钓鱼保护公司INKY发布的，揭示了获取钓鱼邮件证书的复杂指令。这些电子邮件假冒美国司法部，使用带有真正标志的恶意链接，模仿政府网站。

原文：With much of the workforce conducting business from home to escape the pandemic, scammers have revved up their trickery to scare victims into falling for credential harvesting schemes.

Two new reports lay bare the new twists digital scammers are putting on old approaches to get you to unwittingly give up login credentials for your personal or company online banking and server portals. The two reports focus on how to avoid becoming a corporate or consumer victim.

One new twist detailed by Armorblox threatens to recycle inactive addresses unless the would-be victims immediately update and confirm their account details. This results in fearful recipients entering their legitimate email addresses and password information.

The second report, by email phishing protection firm INKY, reveals the intricate directives of a credential harvesting phishing email. These emails impersonate the United States Department of Justice by using a malicious link with real logos mimicking government websites.