Gang trigger surge in targeted spam attacks

By

June saw a record number of targeted email attacks by an unidentified criminal gang, according to an email security firm.

Gang trigger surge in targeted spam attacks
MessageLabs intercepted more than 500 targeted messages in a single day last month.

The attack was so precisely addressed that the name and job title of the recipient was included in the subject line of the email, the latest MessageLabs report found.

The strike targeted a variety of people, all working in senior management positions in different industry sectors around the world.

Security analysts believe this attack can be attributed to a previously unknown gang, which carried out extensive research to compile the list of targets.

“Somebody somewhere did their homework,” said Mark Sunner, chief security analyst at MessageLabs. “This attack involved far too much work for one person. I believe an organised criminal gang was behind this, the true geography of which is still unknown.”

The report shows that senior professionals in the banking and finance industry were the most targeted by the cyber criminals. Chief investment officers accounted for more than 30 percent of the targeted attacks, while CEOs and CIOs made up 11 and seven per cent respectively.

Sunner believes the hackers were trying to access merger and acquisition information and other valuable financial data. The spammers used Microsoft Word documents to legitimise the emails, which contained executable code and activated the malware when opened.

The report also reveals that family members of the recipients also received spam messages to compromise the family computer and gain access to confidential details relating to the target.

“This evolving trend of increasingly personalised attacks emphasises the effort and research in which the bad guys are willing to engage to potentially obtain very lucrative information,” warned Sunner.

“With social networking tools, such as Facebook, Linked-In and MySpace, now highly populated with valuable content and sought-after details, it is easier than ever for the bad guys to harvest the personal details needed to personalise their attacks.”
Got a news tip for our journalists? Share it with us anonymously here.
Tags:
attacksganginreportsecurityspamsurgetargetedtrigger

Sponsored Whitepapers

See everything. Do more.
See everything. Do more.
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Diamond IT Delivers GRC Transformation with Microsoft Purview
Diamond IT Delivers GRC Transformation with Microsoft Purview
Linktech Powers Energy Trader’s Essential Eight Compliance in Just Eight Weeks
Linktech Powers Energy Trader’s Essential Eight Compliance in Just Eight Weeks
Byte Delivers Future-Ready IT: Transforming Endpoint Security and Productivity with a Cloud-First Strategy
Byte Delivers Future-Ready IT: Transforming Endpoint Security and Productivity with a Cloud-First Strategy

Events

Most Read Articles

India's alarm over Chinese spying rocks CCTV makers

India's alarm over Chinese spying rocks CCTV makers
Woolworths' CSO is Optus-bound

Woolworths' CSO is Optus-bound
Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies
Cyber companies hope to untangle weird hacker codenames

Cyber companies hope to untangle weird hacker codenames
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?