Hackers Masquerading as Trusted Business Contacts
Beware! Security researchers have discovered a new spear phishing email campaign targeting employees who handle their companies’ finances. The cybercriminals masquerade as business contacts the employees know and trust. To trick an employee into thinking the email came from a trusted business contact, they spoof the name that appears in the “From” field so that it shows the associate’s name.
The emails’ content varies, but most of them mention an “invoice”. Check out examples of how authentic they look in the link above. In other cases, the subject line includes “address update” and may also allude to an invoice.
In both cases, the email itself was harmless and could simply be deleted. But if the recipient clicked the link or opened the attachment, they triggered a cyber attack.
This email campaign highlights an important characteristic of spear phishing attacks.
Three Measures To Protect Your Business:
- Employees cannot fall for spear phishing scams if the emails don’t reach their inbox. You can prevent many malicious emails from reaching employees by keeping your company’s email filtering and anti-malware tools up-to-date. Consider getting an email security solution designed to catch spear phishing and other types of malicious emails.
- Make your company harder to target. Cybercriminals often obtain the information they need to personalize spear phishing emails from company websites and social media. Make sure that potentially sensitive information, such as employees’ email addresses and job titles, is not publicly available. Consider implementing a social media policy to provide guidance on company-related information employees should avoid posting.
- Despite your efforts to prevent spear phishing emails from reaching employees’ inboxes, some will likely still get through, so it is important to educate employees on how to spot these scams. Common signs include:
  - Spoofed name in the “From” field
  - A deceptive URL (the actual URL does not quite match the displayed linked text or web address)
  - Email attachment is enclosed
  - Sender encourages the recipient to click on a link or open an email attachment

  We recommend educating employees on how to check for deceptive URLs and spoofed names in the “From” field. If any URL or email address seems suspicious, have them call the email’s sender to make sure the person sent it.
- We suggest regularly performing backups and testing the backup files. This ensures that you won’t lose your data or have to give in to a cybercriminal’s ransom demand if a successful spear-phishing scam leads to ransomware or another type of malware infection.
CopperTree can assess your security defenses and help you develop an action plan. We can also provide recommendations on how to protect your business from other types of malicious attacks.