Security News > 2017 > March > Clever spear-phishing emails hit employees involved in SEC filings (Help Net Security)
2017-03-08 21:18
FireEye has flagged a sophisticated spear-phishing campaign hitting US-based businesses with emails purportedly coming from the US Securities and Exchange Commission (SEC). The emails look like they’ve been sent by a SEC employee, address the recipients by name, and urge them to download a Word document containing important changes regarding Form 10-K, an annual financial performance report required by the organization. The malware The malicious attachment drops two PowerShell backdoors. One is fileless and resides … More →
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/6gk3QzaGQ50/
Related news
- Midnight Blizzard Escalates Spear-Phishing Attacks On Over 100 Organizations (source)
- Beware of phishing emails delivering backdoored Linux VMs! (source)
- New Phishing Tool GoIssue Targets GitHub Developers in Bulk Email Campaigns (source)
- Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails (source)
- Phishing emails increasingly use SVG attachments to evade detection (source)
- Novel phishing campaign uses corrupted Word documents to evade security (source)
- Phishers send corrupted documents to bypass email security (source)
- CERT-UA Warns of Phishing Attacks Targeting Ukraine’s Defense and Security Force (source)
- European companies hit with effective DocuSign-themed phishing emails (source)