Colin Mc Hugo

0 %
Colin Mc Hugo
Security Engineer Manager & CEO at Quantum Infinite Solutions Group Ltd.

Targeted Phishing Attacks Strike High-Ranking Company Executives

January 28, 2021
phishing attacks

An evolving phishing marketing campaign noticed no less than since Could 2020 has been discovered to focus on high-ranking firm executives throughout manufacturing, actual property, finance, authorities, and technological sectors with the aim of acquiring delicate info.

The marketing campaign hinges on a social engineering trick that includes sending emails to potential victims containing pretend Workplace 365 password expiration notifications as lures. The messages additionally embrace an embedded hyperlink to retain the identical password that, when clicked, redirects customers to a phishing web page for credential harvesting.

“The attackers goal excessive profile staff who will not be as technically or cybersecurity savvy, and could also be extra more likely to be deceived into clicking on malicious hyperlinks,” Pattern Micro researchers said in a Monday evaluation.

password auditor

“By selectively concentrating on C-level staff, the attacker considerably will increase the worth of obtained credentials as they may result in additional entry to delicate private and organizational info, and utilized in different assaults.”

Office 365 Phishing Attack

In line with the researchers, the focused e mail addresses have been largely collected from LinkedIn, whereas noting that the attackers may have bought such goal lists from advertising web sites that provide CEO/CFO e mail and social media profile knowledge.

The Workplace 365 phishing equipment, presently in its fourth iteration (V4), is claimed to have been initially launched in July 2019, with further options added to detect bot scanning or crawling makes an attempt and supply various content material when bots are detected. Apparently, the alleged developer behind the malware introduced V4’s availability on their “enterprise” Fb web page in mid-2020.

Other than promoting the phishing equipment, the actor has additionally been discovered to hawk account credentials of CEOs, chief monetary officers (CFOs), finance division members, and different high-profile executives on social media pages.

What’s extra, Pattern Micro’s investigation unearthed a attainable hyperlink to a person deal with on underground boards that was noticed promoting a credential harvester device in addition to stolen C-Stage account passwords anyplace between $250 to $500, echoing previous reports late final 12 months.

Office 365 Phishing Attack

The researchers uncovered no less than eight compromised phishing websites internet hosting the V4 phishing equipment, elevating the likelihood that they have been utilized by totally different actors for a variety of phishing campaigns directed in opposition to CEOs, presidents, board members, and founders of corporations situated within the U.S., the U.Ok., Canada, Hungary, the Netherlands, and Israel.

“Whereas organizations are conscious and cautious of the data they embrace in public-facing web sites and platforms, their respective staff ought to be always reminded to be aware of the small print they disclose on private pages,” the researchers concluded. “These might be simply used in opposition to them for assaults utilizing social engineering methods.”

Posted in SecurityTags:
Write a comment