Editorial & Advertiser disclosure

Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website.

Business

Posted By Gbaf News

Posted on August 2, 2018

Cybercriminals targeted at least 400 industrial companies with spear-phishing attack for financial gain

Kaspersky Lab researchers have detected a new wave of financial spear-phishing emails designed to make money for cybercriminals. The emails are disguised as legitimate procurement and accounting letters and have hit at least 400 industrial organisations, mostly in Russia. The series of attacks started back in autumn 2017 and targeted several hundreds of company PCs in industries ranging from oil and gas, to metallurgy, energy, construction, and logistics.

In the detected wave the criminals not only attacked industrial companies together with other organisations, they were predominantly focused on them.

They sent out emails containing malicious attachments and try to lure unsuspecting victims into giving away confidential data, which they could then use to make money.

According to Kaspersky Lab data, this wave of emails targeted around 800 employee PCs, with the goal of stealing money and confidential data from the organisations, which can then be used in new attacks. The emails were disguised as legitimate procurement and accounting letters, containing content that corresponded to the profile of the attacked organisations and took into account the identity of the employee – the recipient of the letter. It is noteworthy that the attackers even addressed the targeted victims by name. This suggests that the attacks were carefully prepared and that criminals took the time to develop an individual letter for each user.

When the recipient clicked on the malicious attachments, modified legitimate software was discreetly installed on the computer so that criminals could connect to it, examine documents and software related to the procurement, financial and accounting operations. Furthermore, the attackers were looking for different ways to commit financial fraud, such as changing requisites in payment bills in order to withdraw money for their benefit.

Moreover, whenever criminals needed additional data or capabilities, such as obtaining local administrator rights or stealing user authentication data and Windows accounts to spread within the enterprise network, the attackers uploaded additional sets of malware, prepared individually for an attack on each victim. This included spyware, additional remote administration tools that extend the control of attackers on infected systems and malware to exploit vulnerabilities in the operating system, as well as the Mimikatz tool that allows users to obtain data from Windows accounts.

“Our latest research has indicated that global industrial companies are currently in cybercriminals’ crosshairs – with personalised financial spear-phishing attacks being launched on over 400 organisations. This is likely due to the fact that the level of cybersecurity awareness is not as high as it is in other markets, emphasising the need for these businesses to raise awareness of these threats – and how to protect against them,” said David Emm, Principal Security Researcher, Kaspersky Lab.

Kaspersky Lab researchers advise users to follow these key measures in order to be protected against spear-phishing attacks:

– use security solutions with dedicated functionality aimed at detecting and blocking phishing attempts. Businesses can protect their on-premise email systems with targeted applications inside the Kaspersky Endpoint Security for Business suite. Kaspersky Security for Microsoft Office 365 helps to protect the cloud-based mail service Exchange Online inside the Microsoft Office 365 suite.

–  introduce security awareness initiatives, including gamified training with skills assessments and reinforcement through the repetition of simulated phishing attacks. Kaspersky Lab customers would benefit from using the Kaspersky Security Awareness Training services.

Recommended for you

  • Content Marketing Effectiveness: A Comprehensive Analysis for 2025

  • Customer Journey Mapping: A Comprehensive Understanding

  • Corporate Sustainability and Responsibility: Pathways to 2025