A new dangerous phishing attack was launched to target the CEOs of online companies. According to Cyveillance's official blog, Panos Anastassiadis, CEO of the company, received a suspicious email, apparently a subpoena, which informed him that he had been sued, the message including a link supposed to allow the receiver to download court documents.
Unlike traditional phishing scams, this “spear phishing” attack, includes all kinds of details such as the name of the receiver and even the phone number. This means that the spammer had to do a little bit of research work before he sent the message but, since we're talking about a CEO, hacking his computer is probably a thing to be proud of - for a phisher.
“Like many other spear phishing attacks, the phisher performed research before launching his or her attack. Specifically, the individual was able to locate use our CEO’s email address and the Cyveillance phone number in the email. This information was used to enable and build additional credibility for the attack,” the security experts of Cyveillance wrote.
According to the scanning information provided by VirusTotal and concerning the file uploaded by Cyveillance, Avast, AVG, BitDefender, Kaspersky, McAfee and several others didn't detect the infection. However, F-Secure, F-Prot, AntiVir, NOD32v2 and Microsoft's security tool found the Trojan-Downloader.
As mentioned, the message came with an email which stated that it provided access to court documents. However, once the reader clicked on it, he was redirected to a page informing that the case was closed and no further action was required. But, without the user even knowing about it, the page attempted to drop and install a Trojan-Downloader which, according to Cyveillance, couldn't be detected by several antivirus technologies.
Security, Online Security, Email, Phishing, Lawsuit, Spear Phishing, Trojan, Intrusion