Cybersecurity Corner: Heightened Risk of Phishing Attacks

Heightened Risk of Phishing Attacks

March 28, 2022

As political tension rises and the pandemic continues, cyber criminals are evolving their tactics with phishing scams. The latest wave of phishing focuses on vaccination, vaccine distribution or calls for political support. More recently, cyber criminals are leveraging legitimate business-related subject lines and email content stolen from previous data leaks and compromises to send targeted phishing emails to their victims. This makes the fraudulent email appear more legitimate and more difficult to detect.

Cyber criminals create convincing messages that appear to come from trustworthy sources such as government organizations, suppliers, customers, partners or even banks, schools, or charities. It becomes increasingly important to take a moment to pause before taking action. Continue to be cautious of emails that are external to your organization, solicits urgent calls to action and requests out of the ordinary or personal information.

As a reminder, Lockheed Martin communications will typically originate from the @lmco.com domain, so communications from any other domain should be thoroughly scrutinized. For a phishing attack or scam to be successful, the scammers must invoke action: clicking a link, downloading an attachment or app or providing information.

Follow these tips to avoid becoming a victim:

  • Be cautious of unexpected emails that appear to come from legitimate organizations, even those with legitimate subject lines and email content.
  • Review the sender email address to confirm whether the email came from a trusted domain.
  • Any correspondence that appears to be from fake domains or has other attributes that cause you to question its authenticity should be brought to the attention of your IT department.
  •  Carefully review messages with links or attachments urging you to click. Rather than clicking on links or attachments, visit trusted sources directly.
  • Do not reveal account credentials, personal, or financial information in an email and do not respond to emails soliciting this information.