There’s a new phishing campaign with a payload of malware that’s been targeting small and mid-sized businesses in Thailand, India, and the United States, as well as a few companies in Israel, Germany, and Canada. Messages sent in this campaign contain a malicious attachment disguised as a Microsoft Word document. When opened, this file loads the HawkEye keylogger software and other remote administration tools to spy on the machine, take control of it, and steal data and files. So far, thousands of passwords, emails, and usernames have been stolen from almost 5000 hosts. Data has been stolen from Outlook, Facebook, Skype, Gmail, Pinterest, Yahoo, LinkedIn, and Twitter, as well as bank accounts. To combat this threat, update your antivirus definitions, and make sure all software patches are up-to-date.
Click here to read the original article on the Grabit phishing campaign, posted on ZDNet.
One of the key points to take away from this is that email security is not just a mail server administrator’s job. In addition to configuring the mail server to filter out as much spam, malware, phishing attempts, and viruses as possible, end users must also understand how to recognize spam, phishing attempts, and malicious attachments. Administrators need to educate their users on how to identify these threats. For a review on how to recognize these tactics and how to keep your network safe from email-borne threats, check out my post “Email Safety Tips for End Users.”