Canadian Business Banking Customers Hit With Targeted Phishing, Account Takeover Attacks
This
post was co-authored by IBM X-Force’s Ilya Kolmanovich
---
IBM X-Force
research has been following the activity of a cybergang that has been targeting
Canadian businesses with customized phishing attacks, likely operating out of
Ukraine. The attacks are designed to trick those with account access to divulge
their company’s online banking credentials, one-time passwords and two-factor
authentication codes. The goal of this targeted phishing attack is to take the
account over and transfer money to mule accounts that the criminals control.
A Custom-Crafted Email Arrives
The first
step in the attacks is an email. Much like other targeted attacks, this was a
spear phishing email that was sent to very specific stakeholders with content
made to appear legitimate, featuring the correct bank logos and accurate
information. Inside that email, the storyline that was designed to gain the
victim’s trust came in PDF format. This enabled the threat actors to hide the
URL links, keywords and brand abuse from detection mechanisms that would pick
these elements up had they been included in the body of the email. It also
enabled them to ensnare users who possess enough security awareness to avoid
clicking suspicious links in email messages.
To set
up for the email campaign, the attackers registered a few domains and created
email addresses that contained the bank’s name and appeared to represent the
bank’s customer service, security or technology departments.
Continue
reading this post here.
I generally want quality content and this thing I found in your article. It is beneficial and significant for us. Keep sharing these kinds of articles, Thank you.Hire A Cell Phone Hacker
ReplyDeleteI read your blog now share great information here.
ReplyDeletemens fragrance set