Sophisticated new phishing campaign targets the C-suite

It comes as the latest cyber campaign to selectively target the most important pillars of a company

phishing

A new phishing campaign to steal login credentials is being launched on businesses - specifically the C-suite.

Researchers at GreatHorn first discovered the campaign which targets senior executives by claiming to be from the company's CEO.

The fake email regards the rescheduling of a board meeting. By following the link from this email and users are greeted with a Doodle poll lookalike page to rearrange a suitable time for the board meeting, but which actually steals Office 365 credentials.

According to the researchers, the attack appears to be hitting organisations of different sizes and from various industries. The email always has the same content, subject line and sender address, too.

If viewed on a mobile device, the sender name is changed to 'Note to Self', a feature in Outlook that is activated when you email yourself something. The researchers note this added layer of complexity makes interacting with the phishing email even more likely.

Depending on which email client is used, some emails were found in the client's junk folder, alerting them to the suspicious content, but the attack still remained open if the user chose to trust the message regardless.

If successful, with valid senior executive-level login credentials, attackers could use those to access and steal sensitive data belonging to the company and if gone undetected, the attacker could use that entry point as a way to launch further attacks on the company's infrastructure.

"Spear phishing attacks tend to be more targeted, sophisticated and harder to detect than regular phishing campaigns, said Corin Imain, senior security advisor at DomainTools.

"Just one employee clicking on a malicious link can create an entry point for cybercriminals to gain access to the entirety of an organisation's network.

"It is not surprising that the criminals behind this attack chose to redirect employees to a fake Microsoft 365 landing page: Microsoft remains the most impersonated brand by phishers because of its recognisability and popularity."

This news follows an emerging cyber security trend whereby attackers will selectively target companies with big pockets.

The Ryuk ransomware reported last month provided another example of how attackers are choosing to target the right people instead of just distributing attacks to as many machines as possible.

Attacks are becoming more sophisticated and as Imain says, "it is essential to educate the workforce to the risks of opening emails from an unrecognised sender and about the best practices to spot a fake email from a genuine one."

Featured Resources

Unlocking collaboration: Making software work better together

How to improve collaboration and agility with the right tech

Download now

Four steps to field service excellence

How to thrive in the experience economy

Download now

Six things a developer should know about Postgres

Why enterprises are choosing PostgreSQL

Download now

The path to CX excellence for B2B services

The four stages to thrive in the experience economy

Download now

Recommended

How to encrypt files and folders in Windows 10
encryption

How to encrypt files and folders in Windows 10

9 Apr 2021
The definitive guide to IT security
Whitepaper

The definitive guide to IT security

9 Apr 2021
Evidence suggests REvil behind Harris Federation ransomware attack
ransomware

Evidence suggests REvil behind Harris Federation ransomware attack

9 Apr 2021
Fujitsu taps Trend Micro to secure private 5G networks in smart factories
5G

Fujitsu taps Trend Micro to secure private 5G networks in smart factories

8 Apr 2021

Most Popular

Microsoft is submerging servers in boiling liquid to prevent Teams outages
data centres

Microsoft is submerging servers in boiling liquid to prevent Teams outages

7 Apr 2021
Hackers are using fake messages to break into WhatsApp accounts
instant messaging (IM)

Hackers are using fake messages to break into WhatsApp accounts

8 Apr 2021
How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

8 Apr 2021