
Employers: A cautionary tale about new cyber threats involving employee handbooks

June 20, 2025

Clark Hill has a robust cybersecurity and privacy practice group and a team of employment attorneys. The cyber unit's work benefits all practice areas as they learn about the newest risks facing clients. Recently, their work has uncovered a devious hacker ploy involving electronic distributions of employee handbooks.

Cybercriminals are obtaining copies of real or fake employee handbooks and distributing them by email, spoofing a legitimate employer email address so that the email and its attachment appear authentic. The email asks the employee to scan a QR code, which is described as a way to acknowledge receipt of the handbook. When scanned, the QR code directs the recipient to a malicious website that impersonates a legitimate corporate login portal, such as Microsoft 365 or even your own company's HR portal. The site requires the employee to provide user credentials, which the hacker then uses to gain access to the email environment. This scheme can also be used to install malware when the QR code is accessed.

Companies may wish to adopt preventative strategies. For example:

  • Provide email security training using this ploy as a case study
  • Communicate to employees how and when handbooks are distributed and the manner in which acknowledgments are collected
  • Engage with your IT Department on best practices for email and business records security, the use of multi-factor authentication, and anti-malware software
  • Train employees that handbooks are company property and are not to be disseminated outside of the company
  • Engage with payroll providers or vendors of your HRIS software about the security of portals and company documents stored on their sites
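For the IT side of these measures, the following is an added example (not part of the original alert and not Clark Hill's code) of a mail-triage heuristic for the lure described above: an internal-looking sender that fails authentication, handbook-acknowledgment wording, and a QR instruction paired with an image or PDF. It assumes the receiving gateway stamps `Authentication-Results` and strips any copy supplied by the sender; the keyword patterns, verdict names and `example.com` messages are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Lure vocabulary taken from the scheme described above; tune per environment.
LURE = re.compile(r"handbook.*acknowledg|acknowledg.*handbook", re.I | re.S)
QR = re.compile(r"\bqr\b", re.I)
CARRIERS = ("image/", "application/pdf")  # attachment types that can hold a QR code

def triage(raw, company_domain):
    """Return (verdict, reasons) for one raw RFC 5322 message."""
    msg = message_from_string(raw)
    sender = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    # Assumption: this header was written by our own gateway, not by the sender.
    auth = " ".join(msg.get_all("Authentication-Results", [])).lower()
    text, carrier = msg.get("Subject", ""), False
    for part in msg.walk():
        ctype = part.get_content_type()
        if ctype.startswith(CARRIERS):
            carrier = True
        elif ctype.startswith("text/"):
            body = part.get_payload(decode=True) or b""
            # Always decode as UTF-8 so a bogus declared charset cannot raise.
            text += "\n" + body.decode("utf-8", "replace")
    reasons = []
    if sender == company_domain.lower() and "dmarc=pass" not in auth:
        reasons.append("internal From: without DMARC pass")
    if LURE.search(text):
        reasons.append("handbook acknowledgment lure")
    if QR.search(text) and carrier:
        reasons.append("QR instruction with image/PDF attachment")
    verdict = ("deliver", "deliver", "review", "quarantine")[len(reasons)]
    return verdict, reasons

# Constructed sample messages (example.com is a placeholder domain).
SPOOFED = ("From: HR <hr@example.com>\nSubject: Employee Handbook: acknowledgment required\n"
           "Authentication-Results: mx.example.com; spf=fail; dmarc=fail\n"
           'Content-Type: multipart/mixed; boundary="b1"\n\n'
           "--b1\n\nScan the QR code in the attached image to acknowledge receipt.\n"
           "--b1\nContent-Type: image/png\n\n(constructed placeholder, no image data)\n--b1--\n")
GENUINE = ("From: HR <hr@example.com>\nSubject: Employee Handbook update\n"
           "Authentication-Results: mx.example.com; dmarc=pass\n\n"
           "The updated handbook is on the intranet. Acknowledge it in the HR portal.\n")

if __name__ == "__main__":
    for name, raw in (("spoofed", SPOOFED), ("genuine", GENUINE)):
        print(name, triage(raw, "example.com"))
```

A genuine handbook notice still matches the wording pattern, so no single signal decides the verdict; only the combination does.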

If you have questions about this alert or how to best protect yourself from threat actors seeking unauthorized access to your internal systems, please contact Vanessa Kelly, Maria Dwyer or Melissa Ventrone, or the Clark Hill attorney with whom you work.

This publication is intended for general informational purposes only and does not constitute legal advice or a solicitation to provide legal services. The information in this publication is not intended to create, and receipt of it does not constitute, a lawyer-client relationship. Readers should not act upon this information without seeking professional legal counsel. The views and opinions expressed herein represent those of the individual author only and are not necessarily the views of Clark Hill PLC. Although we attempt to ensure that postings on our website are complete, accurate, and up to date, we assume no responsibility for their completeness, accuracy, or timeliness.
