Most online services have a built-in security system that alerts an employee when it detects “unusual” activity on their account. For example, services send notifications about attempts to reset the phone number and e-mail address linked to the account, or the password.

Of course, as soon as such messages became commonplace, enterprising cybercriminals tried to imitate this mechanism to attack corporate users.

As cybersecurity technologies improve, cyberattacks rely on the human factor more with each year, so such tricks are becoming increasingly common and have been recorded in multiple mailouts around the world.

The scenario is usually the following: if the impersonated service is a public online service, attackers will make every effort to create an exact copy of a real message.

“Spam and phishing attacks are probably the most underappreciated type of cyberthreats,” says Maria Garnaeva, cybersecurity expert at Kaspersky. “Even the most responsible employees can be tricked into clicking on them; everyone tends to lose their focus in the hustle of a working day.

“The good news is modern cybersecurity solutions are often equipped with proper anti-spam filters, and most employee training in cybersecurity hygiene is successful at preventing such incidents from occurring.”

To minimise the chances of cybercriminals getting their hands on employees’ credentials, employees should be aware of the following:

* Never click on links in automatic security notifications, whether or not they look genuine.

* On receiving a notification, check the account’s security settings and linked details by opening the website manually in the browser.

* A clumsily worded notification is best ignored and deleted.

* If the notification looks real, notify the IS (information security) service or the security officer; it may be a sign of a targeted attack.
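The first two points above rest on one observation: a genuine security notification links only to the service it claims to come from, while an imitation has to send the reader somewhere else. The following added example (not code from Kaspersky or from the article) shows a mail-gateway style check for that: it parses a notification e-mail and flags any link whose domain does not match the domain of the From: address. The sample message and its look-alike host are constructed for this example, and the "last two labels" domain comparison is a deliberate simplification.

```python
import email
from email import policy
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample: reads like an account-security alert, but the link host is a look-alike.
SAMPLE_EMAIL = """\
From: Example Service <security@example.com>
To: employee@corp.example
Subject: Unusual sign-in attempt on your account
Content-Type: text/html; charset=utf-8

<p>We noticed a password reset attempt. If this wasn't you,
<a href="https://example-com.security-check.invalid/reset">secure your account</a>.</p>
"""

class _LinkCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.links = []
    def handle_starttag(self, tag, attrs):
        # Collect every href from <a> tags in the HTML body.
        if tag == "a":
            for name, value in attrs:
                if name == "href" and value:
                    self.links.append(value)

def registrable_domain(host):
    """Crude 'last two labels' approximation; a production check would use the Public Suffix List."""
    parts = host.lower().rstrip(".").split(".")
    return ".".join(parts[-2:]) if len(parts) >= 2 else host.lower()

def suspicious_links(raw_message):
    """Return links whose registrable domain differs from the From: address's domain."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    sender_domain = registrable_domain(msg["From"].addresses[0].domain)
    body = msg.get_body(preferencelist=("html", "plain"))
    collector = _LinkCollector()
    collector.feed(body.get_content() if body else "")
    flagged = []
    for link in collector.links:
        host = urlparse(link).hostname or ""
        if registrable_domain(host) != sender_domain:
            flagged.append(link)
    return flagged

if __name__ == "__main__":
    for link in suspicious_links(SAMPLE_EMAIL):
        print("link does not match sender domain:", link)
```

A match does not prove a message is genuine (a legitimate domain can still be abused), which is why the advice remains to open the site manually rather than to trust any link.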