{"id":13584,"date":"2025-07-30T17:34:55","date_gmt":"2025-07-30T14:34:55","guid":{"rendered":"https:\/\/www.kaspersky.com.tr\/blog\/?p=13584"},"modified":"2025-07-30T17:34:55","modified_gmt":"2025-07-30T14:34:55","slug":"employee-handbook-phishing-scheme","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.tr\/blog\/employee-handbook-phishing-scheme\/13584\/","title":{"rendered":"New phishing scam lures users into a trap with fake HR policy updates"},"content":{"rendered":"<p>For some time now, we have been seeing <a href=\"https:\/\/securelist.com\/spear-phishing-meets-mass\/113125\/\" target=\"_blank\" rel=\"noopener\">attempts to use spear-phishing tricks on a mass scale<\/a>. These efforts are usually limited to slightly better-than-usual email styling that imitates a specific company, impersonating a corporate sender through <a href=\"https:\/\/securelist.com\/email-spoofing-types\/102703\/\" target=\"_blank\" rel=\"noopener\">ghost spoofing<\/a>, and, at best, giving the appearance of a personalized message by addressing the victim by name. In March of this year, however, we began to notice a particularly interesting campaign in which not only the email body but also the attached document was personalized. 
The scheme itself was also somewhat unusual: it tried to trick victims into entering their corporate email credentials under the pretext of HR policy changes.<\/p>\n<h2>A fake request to review new HR guidelines<\/h2>\n<p>Here is how it works. The victim receives an email, seemingly from HR, that addresses them by name. The email informs them of changes to HR policy concerning remote work protocols, available benefits, and security standards. Naturally, any employee would be interested in such changes, so the cursor drifts toward the attached document, whose title, incidentally, also contains the recipient's name. Moreover, the email carries a convincing banner stating that <a href=\"https:\/\/www.kaspersky.com.tr\/blog\/phishing-stamp-verified\/10878\/\" target=\"_blank\" rel=\"noopener\">the sender has been verified<\/a> and that the message comes from a safe-senders list. 
As experience shows, this is exactly the kind of email that deserves extra scrutiny.<\/p>\n<div id=\"attachment_13586\" style=\"width: 1021px\" class=\"wp-caption aligncenter\"><a href=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/91\/2025\/07\/30172621\/employee-handbook-phising-scheme-letter.jpg\"><img loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-13586\" class=\"size-full wp-image-13586\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/91\/2025\/07\/30172621\/employee-handbook-phising-scheme-letter.jpg\" alt=\"An email asking the recipient to review HR guidelines\" width=\"1011\" height=\"838\"><\/a><p id=\"caption-attachment-13586\" class=\"wp-caption-text\">A phishing email designed to lure victims with fake HR policy updates<\/p><\/div>\n<p>To begin with, the entire content of the email, including the reassuring green banner and the personalized greeting, is a single image. You can easily check this by trying to select any part of the text with your mouse. A legitimate sender would never send an email this way; it is impractical. Imagine an HR department having to save and send an individual image to each employee for such a widely distributed announcement! The only reason to embed text as an image is to bypass email anti-spam or anti-phishing filters.<\/p>\n<p>There are other, subtler clues in the email that can give the attackers away. 
For example, the name and even the format of the attached document do not match what is stated in the email body. Compared with the \u201cimage\u201d email, however, these are minor details.<\/p>\n<h2>An attachment imitating HR guidelines<\/h2>\n<p>Of course, the attached document contains no real HR guidelines. What you will find is a title page with a small company logo and a prominent \u201cEmployee Handbook\u201d heading. It also contains a table of contents with items highlighted in red to indicate changes, followed by a page with a QR code (to access the full document). Finally, there is a very basic instruction on how to scan QR codes with your phone. 
The code, of course, leads to a page where the user is asked to enter their corporate credentials, which is what the authors of the scheme are after.<\/p>\n<div id=\"attachment_13587\" style=\"width: 1968px\" class=\"wp-caption aligncenter\"><a href=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/91\/2025\/07\/30172734\/employee-handbook-phising-scheme-attachment.jpg\"><img loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-13587\" class=\"size-full wp-image-13587\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/91\/2025\/07\/30172734\/employee-handbook-phising-scheme-attachment.jpg\" alt=\"A document pretending to highlight updates to HR guidelines\" width=\"1958\" height=\"840\"><\/a><p id=\"caption-attachment-13587\" class=\"wp-caption-text\">The document the scammers use as bait<\/p><\/div>\n<p>The document is full of phrases designed to convince the victim that it is meant specifically for them. Even their name appears twice: once in the greeting and once in the line \u201cThe purpose of this letter \u2026\u201d that precedes the instruction. And yes, the file name contains their name too. But the first question this document should raise is: what is the point?<\/p>\n<p>Realistically, all of this information could have been presented directly in the email without creating a personalized, four-page file. Why would an HR employee go to such trouble and create these seemingly pointless documents for every employee? 
To be honest, we initially doubted that scammers would bother with such an elaborate setup. However, our tools confirm that all the phishing emails in this campaign really do contain different attachments, each one specific to the recipient's name. We are probably seeing a new automated mailing mechanism at work that generates a document and an email image for each recipient, or perhaps just some extremely dedicated phishers\u2026<\/p>\n<h2>How can you stay safe?<\/h2>\n<p><a href=\"https:\/\/www.kaspersky.com.tr\/small-to-medium-business-security\/mail-server?icid=tr_kdailyplacehold_acq_ona_smm__onl_b2b_kasperskydaily_wpplaceholder_______\" target=\"_blank\" rel=\"noopener\">A dedicated security solution<\/a> can block most phishing emails at the corporate mail server. In addition, all devices that company employees use for work, including mobile phones, should also be <a href=\"https:\/\/www.kaspersky.com.tr\/small-to-medium-business-security?icid=tr_kdailyplacehold_acq_ona_smm__onl_b2b_kasperskydaily_wpplaceholder_______\" target=\"_blank\" rel=\"noopener\">protected<\/a>.<\/p>\n<p>We also recommend training employees on modern scam tactics (for example, by sharing resources from our blog) and continuously raising their overall cybersecurity awareness. 
This can be done through platforms such as <a href=\"https:\/\/k-asap.com\/tr\/?icid=tr_kdailyplacehold_acq_ona_smm__onl_b2b_kasperskydaily_wpplaceholder_______&amp;utm_source=kdaily&amp;utm_medium=blog&amp;utm_campaign=tr_wpplaceholder_nv0092&amp;utm_content=link&amp;utm_term=tr_kdaily_organic_avmwswubv8qh92b\" target=\"_blank\" rel=\"noopener\">Kaspersky Automated Security Awareness<\/a>.<\/p>\n<input type=\"hidden\" class=\"category_for_banner\" value=\"mdr\"><input type=\"hidden\" class=\"placeholder_for_banner\" data-cat_id=\"mdr\" value=\"9584\">\n","protected":false},"excerpt":{"rendered":"<p>An interesting case of spear-phishing email techniques being used on a mass scale.<\/p>\n","protected":false},"author":2598,"featured_media":13585,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1726,1194,1727],"tags":[1921,2073,1074,2679],"class_list":{"0":"post-13584","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-enterprise","8":"category-business","9":"category-smb","10":"tag-e-posta","11":"tag-hedef-odakli-kimlik-avi","12":"tag-kimlik-avi","13":"tag-kimlik-avi-belirtileri"},"hreflang":[{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/employee-handbook-phishing-scheme\/13584\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/employee-handbook-phishing-scheme\/29164\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/employee-handbook-phishing-scheme\/24357\/"},{"hreflang":"ar","url":"https:\/\/me.kaspersky.com\/blog\/employee-handbook-phishing-scheme\/12596\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/employee-handbook-phishing-scheme\/29201\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/employee-handbook-phishing-scheme\/28334\/"},{"
hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/employee-handbook-phishing-scheme\/31169\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/employee-handbook-phishing-scheme\/29847\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/employee-handbook-phishing-scheme\/40117\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/employee-handbook-phishing-scheme\/53836\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/employee-handbook-phishing-scheme\/22988\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/employee-handbook-phishing-scheme\/24017\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/employee-handbook-phishing-scheme\/32458\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/employee-handbook-phishing-scheme\/29399\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/employee-handbook-phishing-scheme\/35134\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/employee-handbook-phishing-scheme\/34774\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com.tr\/blog\/tag\/kimlik-avi-belirtileri\/","name":"kimlik av\u0131 
belirtileri"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/13584","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/users\/2598"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=13584"}],"version-history":[{"count":3,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/13584\/revisions"}],"predecessor-version":[{"id":13589,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/13584\/revisions\/13589"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media\/13585"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=13584"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=13584"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=13584"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}