Multiple ACA Aponix clients have reported receiving a phishing email that claims to be about a credit card charge and contains an attachment the sender claims is a screenshot of their credit card statement. Do not open or download the attachment, as it contains malware. The email targets persons listed on the recipient firm's Form ADV, such as the firm's CFO, and the subject line specifically mentions the recipient firm's domain.
ACA Aponix Guidance
ACA Aponix recommends taking the following precautionary measures to protect yourself from phishing threats:
- Do not open attachments included in unsolicited emails;
- Check links contained in emails by hovering over them before clicking;
- Disable macro execution by default in the Microsoft Office Trust Center;
- Make sure antivirus and anti-spyware software is up-to-date; and
- Train employees on how to prevent phishing threats.
If you have any questions, please contact your ACA Aponix consultant or email us at firstname.lastname@example.org.