People who work in Finance are high-value targets for hackers. If you have access to money, then criminals want your credentials and the access and control they provide.
You should make accounts and other staff aware that specific business templates offered for free on websites are malicious.
eSentire reported in April that criminals have set up over 100,000 web pages offering invoice, receipt and other free templates to trap businesses into downloading them. The decoy is often a PDF using the legitimate Slim PDF software.
However, users get redirected to a malicious download of a RAT (Remote Access Trojan). This is malicious software installed on your computer to gain administrative access to steal credentials, install ransomware, send false invoices, gain a foothold in the network, and plan further attacks.
eSentire’s article gives further details on how widespread the attack is.
Thanks to Brett Jordan from Unsplash for image.