C-suite getting targeted by the sophisticated new Phishing Campaign
In order to steal the login credentials, new phishing campaign has been launched on the businesses - especially on the C-suite. The executives across various industries were targeted by this widespread phishing campaign, with messages asking for rescheduling of a board meeting to try stealing the logins and passwords.
The phishing messages, spotted first by the security firm GreatHorn researchers, spoof name as well as email address of company CEO who is being targeted. Moreover, the subject of the phishing messages included the company name along with a note regarding the meeting in order to gain attention of the potential victims. More likely, the users will fall for the attacks that they believe to have come from the boss.
The phishing email content says that there has been rescheduling of a board meeting, and asks the users to participate in a poll so as to select a new date for board meeting.
When the users click on the link in this email, they are being directed towards a webpage that appears as the login page for Office 365 as well as Microsoft Outlook, however this is actually a phishing site -- so any information that has been entered in it will directly go to the attackers.
The phishing email every time has similar content, subject as well as the sender address. However, the attack is somewhat different when someone views the email on a mobile phone -- the name of the sender got changed to 'Note to Self'. 'Note to Self' is an Outlook feature that gets activated when someone email himself something. But, the message contents stay same even here.
With phishing email targeting the high-level executives such as CFOs, SVPs and CTOs, a successful attack can provide the attackers access to very sensitive data of a company. Moreover, if the attack gone undetected, then the compromised accounts can be used also to help conducting further malicious campaigns.
"Spear phishing attacks tend to be more targeted, sophisticated and harder to detect than regular phishing campaigns", said DomainTools senior security advisor, Corin Imain.
Therefore the users are warned to remain aware of the phishing campaign and be suspicious for any emails that contain the subject line following pattern of: 'New message: [Company Name] February in-person Board Mtg scheduling (2/24/19 update)'.
» SPAMfighter News - 2/21/2019
We are happy to see you are reading our IT Security News.
We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!