By far the most convincing email phishing and malware attacks come disguised as your “typical nastygram” from local businesses. These emails have grown in popularity with cyber-criminals. By making minor customizations to these campaigns, these phishing attacks are now being spoofed as though, local organizations are the culprits! These emails notify recipients that he/she is being sued and instructs them to review the following attached files, with a directive to respond within a specific time frame, or penalties will occur… Here’s a look at a recent phishing campaign that peppered more than 100,000 business executives. With the goal of phishing for employee personal information and exploiting data systems, by utilizing a local law firm’s system to send infected data to partners.
In May, two well-known anti-virus firms began detecting compromised files, specifically within Microsoft Word. Emails with attachments were sent with a simple variation of the message below. This exact kit is now being traded alongside others on the “dark web,” therefore we have numerous business names outlined in brackets below.