Security News > 2021 > January > Targeted Phishing Attacks Strike High-Ranking Company Executives
An evolving phishing campaign observed at least since May 2020 has been found to target high-ranking company executives across manufacturing, real estate, finance, government, and technological sectors with the goal of obtaining sensitive information.
The messages also include an embedded link to retain the same password that, when clicked, redirects users to a phishing page for credential harvesting.
According to the researchers, the targeted email addresses were mostly collected from LinkedIn, while noting that the attackers could have purchased such target lists from marketing websites that offer CEO/CFO email and social media profile data.
The Office 365 phishing kit, currently in its fourth iteration, is said to have been originally released in July 2019, with additional features added to detect bot scanning or crawling attempts and provide alternative content when bots are detected.
Aside from selling the phishing kit, the actor has also been found to peddle account credentials of CEOs, chief financial officers, finance department members, and other high-profile executives on social media pages.
The researchers uncovered at least eight compromised phishing sites hosting the V4 phishing kit, raising the possibility that they were used by different actors for a wide range of phishing campaigns directed against CEOs, presidents, board members, and founders of companies located in the U.S., the U.K., Canada, Hungary, the Netherlands, and Israel.
News URL
Related news
- DOJ, Microsoft seize 107 domains used in Russia's Star Blizzard phishing attacks (source)
- GitHub, Telegram Bots, and ASCII QR Codes Abused in New Wave of Phishing Attacks (source)
- Astaroth Banking Malware Resurfaces in Brazil via Spear-Phishing Attack (source)
- Midnight Blizzard Escalates Spear-Phishing Attacks On Over 100 Organizations (source)
- Windows infected with backdoored Linux VMs in new phishing attacks (source)