Security News > 2017 > March > Clever spear-phishing emails hit employees involved in SEC filings (Help Net Security)
2017-03-08 21:18
FireEye has flagged a sophisticated spear-phishing campaign hitting US-based businesses with emails purportedly coming from the US Securities and Exchange Commission (SEC). The emails look like they’ve been sent by a SEC employee, address the recipients by name, and urge them to download a Word document containing important changes regarding Form 10-K, an annual financial performance report required by the organization. The malware The malicious attachment drops two PowerShell backdoors. One is fileless and resides … More →
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/6gk3QzaGQ50/
Related news
- Beware: PayPal "New Address" feature abused to send phishing emails (source)
- Microsoft Warns of ClickFix Phishing Campaign Targeting Hospitality Sector via Fake Booking[.]com Emails (source)
- Coinbase phishing email tricks users with fake wallet migration (source)
- Why it's time for phishing prevention to move beyond email (source)
- Ukrainian military targeted in new Signal spear-phishing attacks (source)
- After Detecting 30B Phishing Attempts, Microsoft Adds Even More AI to Its Security Copilot (source)
- New Morphing Meerkat Phishing Kit Mimics 114 Brands Using Victims’ DNS Email Records (source)
- PoisonSeed phishing campaign behind emails with wallet seed phrases (source)
- Phishing Campaigns Use Real-Time Checks to Validate Victim Emails Before Credential Theft (source)