Researchers have discovered a brand new, sophisticated spear phishing campaign that fools 90% of its targets into opening infected attachments or visiting spoofed websites. Once a target takes action, the malware steals data, credentials or both. These hackers are very savvy—diligently researching targets, tailoring messages specifically to them and adding personalized information to fool victims into thinking the emails are legitimate—hence, the 90% “success rate”.
Currently, the attacks appear to be directed toward companies that have frequent travel needs and/or do a lot of shipping.
Researchers at Barracuda found that the attackers’ emails impersonate those of well-known airline companies and are disguised as Flight Confirmation emails, complete with attachments claiming to be flight receipts, etc. Of course, the attachments are infected and, when opened, execute data-stealing malware. However, not all attacks are the same: some emails contain infected links, not attachments. When clicked, the link sends the victim to a phishing website where their credentials are captured and then used to attack company networks, systems and databases.
Warning: even if your company doesn’t travel much or ship any goods, you should still take heed. Hackers are very sophisticated these days and it won’t take long for them to change their tactics or their targets. Expect this type of attack to be further weaponized with ransomware!
Increase your security:
- Keep anti-virus and anti-malware programs up-to-date and run them frequently.
- Make sure your operating system and third-party applications are fully patched.
- Do not let employees operate their company workstations with administrator rights.
- Never click on links or open attachments in emails from people you don’t know or from “companies” you are not expecting communications from.
- Since many infected attachments are macro-driven, disable macros in Microsoft Office applications as a normal working habit and only enable them when legitimately needed.
- Back up servers and high-value workstations and make sure your backup systems are operating correctly.
- Remember—data backup systems cannot guarantee quick recovery after an attack. Only a Business Continuity System can get your business back up and running with minimal downtime should your servers go down due to ransomware or another malware attack, hardware failure, etc.
Always be on your guard!
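Because many of the infected attachments are macro-driven, a mail filter can inspect attachment content rather than trusting the file name. The following is an added example, not part of the original article or any vendor's product: it flags Office attachments that can carry VBA macros, and the sample message, addresses and file names in it are constructed for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

OLE_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")  # legacy .doc/.xls/.ppt container

def has_macros(data):
    """Return a reason string if the bytes look like a macro-capable Office file."""
    if data.startswith(OLE_MAGIC):
        return "legacy OLE Office file (may contain macros)"
    if zipfile.is_zipfile(io.BytesIO(data)):
        with zipfile.ZipFile(io.BytesIO(data)) as z:
            # OOXML documents store their VBA project as vbaProject.bin
            if any(n.lower().endswith("vbaproject.bin") for n in z.namelist()):
                return "OOXML file with embedded VBA project"
    return None

def triage(raw_message):
    """Return (filename, reason) for every macro-capable attachment in an email."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        reason = has_macros(part.get_payload(decode=True) or b"")
        if reason:
            findings.append((part.get_filename() or "(unnamed)", reason))
    return findings

def _make_zip(names):
    """Build a constructed OOXML-like archive holding placeholder members."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        for name in names:
            z.writestr(name, b"constructed placeholder")
    return buf.getvalue()

def sample_message():
    """Constructed flight-confirmation email: one macro-bearing, one clean attachment."""
    msg = EmailMessage()
    msg["From"] = "bookings@airline.example"
    msg["Subject"] = "Flight Confirmation"
    msg.set_content("Your receipt is attached.")
    for fname, members in [
        ("E-Ticket_Receipt.docm", ["word/document.xml", "word/vbaProject.bin"]),
        ("Itinerary.docx", ["word/document.xml"]),
    ]:
        msg.add_attachment(_make_zip(members), maintype="application",
                           subtype="octet-stream", filename=fname)
    return msg.as_bytes()

if __name__ == "__main__":
    for fname, reason in triage(sample_message()):
        print(f"QUARANTINE {fname}: {reason}")
```
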
XSolutions is an Elite Partner of Datto, the world leader in Hybrid-Cloud Business Continuity solutions, whose systems protect 250+ Petabytes of data and which has over 800 employees around the globe. Call (845) 362-9675 and let's discuss your specific needs.