This week, security vendor Palo Alto Networks reported their discovery of a malicious email campaign that disguised dangerous malware behind seemingly innocent voicemail attachments from a would-be reporter. When the user clicks the attachment to play the voicemail, files are downloaded secretly onto the device, allowing hackers to access sensitive personal information.
Palo Alto Networks has determined that the architects of this social engineering campaign are likely the threat actors CozyDuke/CozyCar, who in the past have commonly used legitimate and recognizable websites for “spear phishing“, a form of hacking that is disguised in emails sent from parties likely to be familiar to the user, but that in reality contain dangerous malware intended to steal sensitive information.
Spear phishing campaigns are a legitimate threat to information security for both individuals and businesses, and exhibit the following key characteristics:
- The email appears to be sent from a person or company that is familiar to the intended victim.
Whether it’s a friend’s name taken from your public Facebook profile, or a reporter with the newspaper’s email address, the sender’s credentials should be determined before opening any sent attachments.
- The email’s message is likely generalized, but urges the user to open the attached file.
If the message contains no information specific to either party, remain suspicious of any attached files.
- Threat actors like CozyDuke pose a serious threat to information security.
According to tech company Symantec, CozyDuke and others like them have compromised major corporations and even levels of government by using social engineering campaigns in the past.
- To protect against spear phishing, knowledge of social engineering and how to prevent it is highly important.
Dangerous emails can be identified with the right knowledge and security measures, but without proper training or secure systems, spear phishing remains an effective way for hackers to access sensitive information.
To stay protected from social engineering tactics such as spear phishing, ensure your business has proper awareness and ability to prevent victimization. For more information on social engineering protection, contact RJ Systems at (780) 851- or email: firstname.lastname@example.org