IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Sophisticated new phishing campaign targets the C-suite

It comes as the latest cyber campaign to selectively target the most important pillars of a company

phishing

A new phishing campaign to steal login credentials is being launched on businesses - specifically the C-suite.

Researchers at GreatHorn first discovered the campaign which targets senior executives by claiming to be from the company's CEO.

The fake email regards the rescheduling of a board meeting. By following the link from this email and users are greeted with a Doodle poll lookalike page to rearrange a suitable time for the board meeting, but which actually steals Office 365 credentials.

According to the researchers, the attack appears to be hitting organisations of different sizes and from various industries. The email always has the same content, subject line and sender address, too.

If viewed on a mobile device, the sender name is changed to 'Note to Self', a feature in Outlook that is activated when you email yourself something. The researchers note this added layer of complexity makes interacting with the phishing email even more likely.

Depending on which email client is used, some emails were found in the client's junk folder, alerting them to the suspicious content, but the attack still remained open if the user chose to trust the message regardless.

If successful, with valid senior executive-level login credentials, attackers could use those to access and steal sensitive data belonging to the company and if gone undetected, the attacker could use that entry point as a way to launch further attacks on the company's infrastructure.

"Spear phishing attacks tend to be more targeted, sophisticated and harder to detect than regular phishing campaigns, said Corin Imain, senior security advisor at DomainTools.

"Just one employee clicking on a malicious link can create an entry point for cybercriminals to gain access to the entirety of an organisation's network.

"It is not surprising that the criminals behind this attack chose to redirect employees to a fake Microsoft 365 landing page: Microsoft remains the most impersonated brand by phishers because of its recognisability and popularity."

This news follows an emerging cyber security trend whereby attackers will selectively target companies with big pockets.

The Ryuk ransomware reported last month provided another example of how attackers are choosing to target the right people instead of just distributing attacks to as many machines as possible.

Attacks are becoming more sophisticated and as Imain says, "it is essential to educate the workforce to the risks of opening emails from an unrecognised sender and about the best practices to spot a fake email from a genuine one."

Featured Resources

The state of Salesforce: Future of business

Three articles that look forward into the changing state of Salesforce and the future of business

Free Download

The mighty struggle to migrate SAP to the cloud may be over

A simplified and unified approach to delivering Enterprise Transformation in the cloud

Free Download

The business value of the transformative mainframe

Modernising on the mainframe

Free Download

The Total Economic Impact™ Of IBM FlashSystem

Cost savings and business benefits enabled by FlashSystem

Free Download

Recommended

Education and government most at risk from email threats
phishing

Education and government most at risk from email threats

26 Nov 2021
Attackers use CSS to fool anti-phishing systems
phishing

Attackers use CSS to fool anti-phishing systems

11 Nov 2021

Most Popular

Cyber attack on software supplier causes "major outage" across the NHS
cyber attacks

Cyber attack on software supplier causes "major outage" across the NHS

8 Aug 2022
Why convenience is the biggest threat to your security
Sponsored

Why convenience is the biggest threat to your security

8 Aug 2022
How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

29 Jul 2022