There is a new highly effective phishing attack running through inboxes that tricks a whopping 90% of victims. All of the best criminal practices are combined to steal credentials and send malware into your network.
This attack targets companies that deal with frequent shipping of goods or high-volume of employee travel. The phishing attack targets these employees, and the messages are constructed with subjects lines and bodies that include destinations, airlines, and other details specific to each victim.
In a post explaining the attacks, the Vice President of Content Security Services at Barracuda said “After getting the employee to open the email, the second tool employed by the attacker is an advanced persistent threat embedded in an email attachment. The attachment, usually a flight confirmation or receipt, is typically formatted as a PDF or DOCX document. In this attack, the malware will be executed upon the opening of the document.”
The bad guys are doing research on you personally using social media to find out where and when you (might) be traveling. They are crafting emails especially for you with airline information that looks just like the real thing. Sometimes they even have links in the email that go to a website that looks identical to the real airline, but is a fake website. They are trying to 1) steal your company username and password and 2) trick you into opening the attachment which will infect your computer with malware.
Remember, if you want to check any airline reservations or flight status, open your browser and type the website name in the address bar. Do not click on links in emails to go to websites. ALWAYS think before you click!