This week, security vendor Palo Alto Networks reported their discovery of a malicious email campaign that disguised dangerous malware behind seemingly innocent voicemail attachments from a would-be reporter. When the user clicks the attachment to play the voicemail, files are downloaded secretly onto the device, allowing hackers to access sensitive personal information.
Palo Alto Networks has determined that the architects of this social engineering campaign are likely the threat actors CozyDuke/CozyCar, who in the past have commonly used legitimate and recognizable websites for “spear phishing“, a form of hacking that is disguised in emails sent from parties likely to be familiar to the user, but that in reality contain dangerous malware intended to steal sensitive information.
Spear phishing campaigns are a legitimate threat to information security for both individuals and businesses, and exhibit the following key characteristics:
Whether it’s a friend’s name taken from your public Facebook profile, or a reporter with the newspaper’s email address, the sender’s credentials should be determined before opening any sent attachments.
If the message contains no information specific to either party, remain suspicious of any attached files.
According to tech company Symantec, CozyDuke and others like them have compromised major corporations and even levels of government by using social engineering campaigns in the past.
Dangerous emails can be identified with the right knowledge and security measures, but without proper training or secure systems, spear phishing remains an effective way for hackers to access sensitive information.
To stay protected from social engineering tactics such as spear phishing, ensure your business has proper awareness and ability to prevent victimization. For more information on social engineering protection, contact RCOR Technologies at (919) 313-9355 or email: firstname.lastname@example.org