Spear-phishing attacks targeting industrial SMEs uncovered

Mohamad Amin Hasbini, a senior security researcher at Kaspersky Lab, has discovered a spear-phishing campaign that has been targeting companies for over a year (he managed to trace it back to March 2015, while the latest attacks date to June this year). According to the researcher, the financially motivated attacks, named Operation Ghoul, targeted more than 130 organisations in the industrial, engineering and manufacturing sectors in over 30 countries around the world.

More details about the attack

The campaign followed the classic pattern of a spear-phishing attack: top and middle managers of the targeted companies received a spoofed email that appeared to have been sent from Emirates NBD, a UAE bank. It contained a malicious attachment or compressed malware executable that allowed cyber criminals to collect valuable information such as passwords, keystrokes and FTP server credentials.

Why top and middle managers are juicy targets

The higher a person's position in the company, the more authority and decision-making power they hold, and with it comes greater access to confidential documents and accounts. Cyber criminals know that targeting C-suite roles gives them a better chance of obtaining login credentials to accounts and systems that basic staff cannot access.

Simple tricks for recognising a phishing scam

Phishing attacks can be spotted if you know where to look and what to expect in an email. Checking the sender’s name and email address, and checking the URL of any link (by hovering your mouse over it without clicking), are a few of the tips and best practices you will learn in the Phishing staff awareness e-learning course. The course goes through the different types of phishing attacks, the social engineering tactics used to deceive you, and more.

Strengthen your knowledge of phishing attacks to avoid becoming the next victim.

Call us on +44 (0) 845 070 1750 to request a free trial and a custom quote for your company.