This implies urgency and suggests that whoever the attackers are impersonating is out of the office and can’t be reached to confirm the request. “Do get back to me” or “How soon can you get this done?” The attackers even included an email signature advertising that the email was sent from a mobile device. Many of the emails use language that encourages the employee to respond as soon as possible, e.g. The fourth common tactic is creating a sense of urgency. Another sample asked specifically for Google Play gift cards, and it’s possible the team had already discussed purchasing those particular gift cards. This means attackers are doing their research on the company and the people they’re targeting, either leveraging publicly available information or compromising an employee’s email account and watching for useful information.įor example, one email that researchers found was sent to a multi-national business, and it implied that they would need to buy gift cards in different currencies, which fit with how the organization operates. The third tactic that attackers are using in this campaign is incorporating relevant details into the emails.
But it also prevents the target from talking to someone who might raise questions about the request and seemingly helps justify sidestepping any usual protocols that may be in place for a purchase of this kind. After all, the gift cards are likely intended to be a reward for the staff or a holiday surprise. It might make sense at first that someone would ask you to keep a request like this confidential. Because, of course, the employee will want to keep the CEO happy and make a good impression. As I mentioned, this tactic puts pressure on the employee to respond quickly without thinking to closely about the request and how it would usually be handled. The first tactic is impersonating a CEO or someone else in a position of authority. Researchers have seen four common tactics used in these gift card phishing attacks, which are helping the cyber criminals succeed. This puts added pressure on the employee to act on the request quickly and make the transaction happen. Using this common practice to their advantage, attackers are targeting people in these roles, often impersonating the CEO or president of the company. Cyber criminals know that many organizations are asking employees such as office managers, executive assistants, and receptionist to buy gift cards for everyone in the office, now that the holidays are coming up soon. Researchers have seen an increase in social engineering attacks where the goal is to get the intended victim to send gift cards to the attacker. Often targeting a low or mid-level employee, the attacker can trick the victim into taking a certain action, simply by sending a well-timed email with highly relevant details and context, without including any malicious links or attachments that would get picked up by email security. This tactic is especially powerful when the attacker also impersonates a high-ranking executive. Social engineering has always been a powerful weapon for cyber criminals, allowing them to use context and timing to talk unsuspecting victims into doing what the attacker wants. Given how common it is for companies to give gift cards to employees this time of year, the specific request is interesting and demonstrates how targeted these types of attacks are getting. The attack focuses on tricking office managers, executive assistants, and receptionists into sending gift cards to the attackers, claiming it’s a reward for employees, maybe even a holiday surprise for the whole office. Just in time for the holiday season, cyber criminals are putting a new twist on a phishing attack with a large-scale impersonation campaign. What do you do? How would a more junior member of your team respond? You need to respond quickly for further instructions and keep it quiet because it’s a surprise. You just got an urgent email from the president of your company asking you to purchase gift cards for everyone in the office.
0 kommentar(er)
