Dear Stars,

We are reaching out to raise awareness about a serious cybersecurity threat: spear phishing attacks.

Spear phishing attacks are targeted emails, WhatsApp messages, or SMSs that appear to come from trusted sources, such as colleagues or organizations. Their goal is to deceive recipients into divulging sensitive information or downloading malicious software. To safeguard ourselves against these threats, it’s crucial to understand the tactics commonly used:

• Urgency and Familiarity:Attackers often create a sense of urgency and may use personal details to seem legitimate.
• Malicious Links and Attachments: Messages (Email, WhatsApp, SMS) frequently include harmful links or attachments that, when clicked, can compromise security.
• Impersonation of Trusted Senders:The sender’s address may be spoofed to appear as someone familiar, sometimes even using our known person’s profile image in WhatsApp.
• Requests for Sensitive Information:Be cautious of any requests for passwords, account details, or other confidential information.

Recently, we’ve encountered multiple incidents where our employees received spear phishing messages. One notable incident involved a message via WhatsApp impersonating our CEO, complete with his profile image. Please refer to the screenshot below for more details:

Action Steps:

• Report: If you receive a suspicious message, promptly report it to our IT department. Include as much detail as possible to aid our investigation.
• Block and Delete:To mitigate risks, block the sender and delete the message immediately.

Your vigilance plays a crucial role in maintaining our cybersecurity defenses. If you have any questions or concerns, please contact our @CapeStart ITSuppport team.

Click Capestart Knowledge Base Portal for future reference. Please use the tool to learn more about IT and Security related tips and technology updates.