Manage Pressing Risks with

A one-stop hub for practical, timely and actionable insights, tools and training that may save thousands of dollars by minimizing potential loss exposures, human resources expenses, training costs, and attorney fees.

Stay on top of current workplace issues, legislation, and employment trends with:
  • Articles, News Briefs, and Checklists
  • Interactive Training Modules
  • Model Handbook with 100+ Template HR Policies, Procedures, and forms

Today's Workplace

The Re-emergence Of Emotet Malware Emphasizes The Need For Employee Vigilance

The Emotet malware is now sending one thousand emails per day, now with adaptations to avoid detection. Read suggestions for cyber protection and spam prevention.

Continue Reading

Remote Work Is Here To Stay, But So Are The Cyber Risks

More employees are going to work remotely. Learn why that presents even more cybersecurity challenges.

Continue Reading

IT Communication Breakdowns Lead To Higher Data Security Risks

IT can assist employees working from home to stop a cyberattack, but employees must first make the call. We examine the cybersecurity issue of remote employees not communicating with IT.

Continue Reading
print   email   Share

Watch Out For Phishing Emails Claiming Layoffs And Other COVID-Related Topics

Cybersecurity experts discovered a new malware attack in which cybercriminals are posing as human resources staff.

Some of the phishing emails claimed to contain "amendments to the medical leave procedure" for employees. Others inform the employee that he or she "is being laid off".

When the employee opens the attachment contained in the email, the victim's device is infected with malware. The cybercriminals can then access their victim's data as well as the organization's network.

Some attachments contain a Trojan-Downloader.MSOffice.SLoad.gen file that allows cybercriminals to download and install encryptors.

Phishing attacks have become more targeted recently, focusing on small organizations. "Hackers Are Posing as HR & Sending Lay-Off Mails to Push Malware" (Aug. 22, 2020).


Now is the time to use extra caution when receiving an unexpected email that contains a link or attachment, especially if it seems related to COVID-19.

Cybercriminals often take advantage of emotions—particularly fear or excitement—and use curiosity surrounding current events to trap their victims. Therefore, concerns surrounding the pandemic offer ideal fodder for phishing scams.

Other coronavirus-related scams include one in which cybercriminals send emails with the “COVID-19 Cure” card as an attachment, which contains malware.

Another common scam involves emails spoofing parcel services informing recipients that their package has been delayed and they need to open an attachment to learn where they can pick it up. Other emails contain a small image of a postal receipt that victims click on to see a larger format. In either case, their devices are infected with malware when they open the attachment.

Watch out for these and other topical phishing scams, and never click on a link or attachment unless you are expecting it and are certain of what it contains.

Finally, your opinion is important to us. Please complete the opinion survey: