Rewterz Threat Alert – Group Targeting Executives via Phishing Campaigns for over a year

Severity

High

Analysis Summary

A newly uncovered phishing group is targeting big companies around the world. It’s thought to be the first major scam gang of its type operating out of Russia, indicating a potential shift in the cyber-threat landscape. (BEC) scam is a lucrative business for cybercriminals.with organisations losing hundreds of millions of dollars a month after being tricked into sending finances into accounts owned by criminals. The campaign has targeted individuals in 46 countries across six continents and combines in-depth research on target organisations and their executives alongside two spoof email chains sent to the victim that touches on current themes, including the coronavirus pandemic. The well-researched and legitimate-sounding emails designed to look like they come from people known to the victim might be difficult to defend against, but it isn’t impossible.

Impact

• Credential theft
• Exposure of sensitive data

Indicators of Compromise

Email Subject

• “Discussion today”
• “Discussion today – corporate development”
• “Follow-up discussion”
• “Important – Urgent discussion”
• “Urgent Discussion”
• “Corporate matter”
• “Corporate matter follow up”
• “Corporate matter to resolve”
• “Corporate matter with law firm”

Remediation

• Block all threat indicators at your respective controls.
• Always be suspicious about emails sent by unknown senders.
• Never click on the links/attachments sent by unknown senders.