

Multi-stage spear phishing – bait, hook and catch

Fraud Alert:

Cybercriminals have an extensive history of conducting attacks that cast a wide net hitting as many people as possible. Nearly everyone has received emails from a wealthy foreign banker, a Nigerian prince offering to pay you an exorbitant sum of money, or from a sketchy drug company offering a new drug that promises to revolutionize your love life.

However, cybercriminals are now taking an "enterprise" approach. Similar to B2B enterprise sales, they go after a smaller number of targets, with the goal of extracting a much greater payout through highly personalized attacks. Spear phishing, the highly targeted attack that impersonates an employee or a popular web service, has been on the rise, and according to the FBI these attacks have proven extremely lucrative for cybercriminals.

The latest iteration in social engineering involves multiple steps. Sophisticated cybercriminals don't target company executives with a fake wire-transfer request out of the blue. Instead, they first infiltrate the organization, then conduct reconnaissance and wait for the opportune moment to trick their targets by launching the attack from a compromised internal mailbox, so the final lure arrives from a real colleague's address rather than from outside.

Step 1: Infiltration

Most phishing attempts are easy for individuals who receive cyber security training (executives, IT staff) to sniff out because they contain odd sender addresses, bold requests, or misspelled words that raise red flags. However, we are seeing a rapid increase in personalized attacks that are exceedingly difficult to spot, especially for people who lack security awareness. If you take a look at the image below, the message itself doesn't appear suspicious. It seems to come from Microsoft, alerting you that your Office 365 email account needs to be reactivated. The cues that give such a message away are not in the wording but in the headers and links: a display name claiming to be Microsoft while the actual sending domain, the Reply-To address, or the link target belongs to someone else.
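The following is an added example, not part of the original alert, showing how the header and link cues just described can be checked mechanically. It screens a constructed "reactivate your Office 365 account" message for a display name that claims a brand while the sender domain, Reply-To domain, or link targets point elsewhere. The brand-to-domain allowlist, the sample messages, and the two-label registered-domain helper are assumptions made for this illustration; a real mail filter would load the allowlist from policy or DMARC data and use the public suffix list.

```python
"""
Heuristic screening of an inbound message for brand-impersonation cues:
display name claims a brand, but the sender, Reply-To, or link targets
do not belong to that brand. Sample messages below are constructed.
"""
from email import message_from_string, policy
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumed allowlist for this example: domains permitted to send as a brand.
BRAND_DOMAINS = {
    "microsoft": {"microsoft.com", "office.com", "office365.com", "microsoftonline.com"},
}

# Constructed phish: routine-looking Office 365 notice, wrong domains everywhere.
SAMPLE_EMAIL = """\
From: "Microsoft Office 365 Team" <support@office365-verify.example>
Reply-To: account-team@mailbox-recovery.example
To: jane.doe@victim.example
Subject: Action required: reactivate your Office 365 account
Content-Type: text/html; charset="utf-8"

<html><body>
<p>Your mailbox will be deactivated in 24 hours unless you confirm it.</p>
<p><a href="http://login.office365-verify.example/reactivate">https://login.microsoftonline.com</a></p>
</body></html>
"""

# Constructed legitimate notice for contrast: every domain matches the brand.
LEGIT_EMAIL = """\
From: "Microsoft account team" <noreply@microsoft.com>
To: jane.doe@victim.example
Subject: Security info was changed
Content-Type: text/html; charset="utf-8"

<html><body>
<p>Review your sign-in activity at <a href="https://login.microsoftonline.com/">https://login.microsoftonline.com</a>.</p>
</body></html>
"""


class _LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs from an HTML body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def registered_domain(host):
    """Crude eTLD+1 (last two labels). Simplification for the example only;
    a real filter must use the public suffix list (e.g. for co.uk)."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host.lower()


def host_of(url):
    """Hostname of a URL, tolerating a missing scheme."""
    parsed = urlparse(url if "://" in url else "http://" + url)
    return parsed.hostname or ""


def claimed_brand(display_name):
    """Return the first known brand name appearing in the display name."""
    name = display_name.lower()
    return next((b for b in BRAND_DOMAINS if b in name), None)


def screen_message(raw):
    """Return a list of human-readable findings; an empty list means no cue fired."""
    msg = message_from_string(raw, policy=policy.default)
    findings = []

    display, addr = parseaddr(msg.get("From", ""))
    from_dom = registered_domain(addr.split("@")[-1]) if "@" in addr else ""
    brand = claimed_brand(display)
    if brand and from_dom not in BRAND_DOMAINS[brand]:
        findings.append(f"display name claims {brand} but sender domain is {from_dom}")

    # Reply-To pointing at a different domain is a classic mailbox-hijack tell.
    _, reply = parseaddr(msg.get("Reply-To", ""))
    if "@" in reply:
        reply_dom = registered_domain(reply.split("@")[-1])
        if reply_dom != from_dom:
            findings.append(f"Reply-To domain {reply_dom} differs from sender domain {from_dom}")

    body = msg.get_body(preferencelist=("html",))
    if body is not None:
        collector = _LinkCollector()
        collector.feed(body.get_content())
        for href, text in collector.links:
            href_dom = registered_domain(host_of(href))
            # Visible URL text that disagrees with the real target.
            if text.startswith(("http://", "https://")) and registered_domain(host_of(text)) != href_dom:
                findings.append(f"link text shows {host_of(text)} but points to {host_of(href)}")
            if brand and href_dom not in BRAND_DOMAINS[brand]:
                findings.append(f"link to {href_dom} while message claims {brand}")
    return findings


if __name__ == "__main__":
    for name, raw in (("phish", SAMPLE_EMAIL), ("legit", LEGIT_EMAIL)):
        print(name, screen_message(raw))
```

Run it directly and the constructed phish produces four findings (sender domain, Reply-To, link text, link target) while the legitimate notice produces none. Any one finding is not proof of fraud on its own: marketing platforms legitimately send with a brand display name from their own domain, which is why the allowlist, not the display name, is the thing to maintain.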