Experts from global IT solutions firm Barracuda have uncovered a campaign that involves phishing emails being sent to healthcare and financial workers in the Alabama, Texas, New York, North Carolina, and Greater Boston areas of the US.
The emails tell the reader that they have received a file and that they need to click on a link to access it. It is sent from a Gmail account and includes Google branding.
The unnamed organisations found by Barracuda to be targeted are the SMEs it is currently protecting, said Luis Chapetti, a data and research scientist for the firm.
Chapetti told SCMagazine.com:
“The tell-tale giveaway is the destination URL which finds itself going to various hacked domains and never anything hosted on Google’s servers.”
The URL contains Norton, TRUSTe, and Google branding. Any information entered is relayed to the cyber criminals, said Chapetti. He added that the campaign involves malware, but explained how that element is currently under investigation.
The average internet user may be savvier to such campaigns than they were a decade ago, but there are some who remain vulnerable. If employees of the targeted sectors are not vigilant and hand over their work credentials, they could compromise company data and suffer significant repercussions. The most sensible action a company can take is to post and fill information security vacancies. Trained security personnel would be able to identify attacks and warn colleagues not to click on any links designed to retrieve credentials.
Send us your CV and have our recruiters match you to the ideal opportunities
Do you already have an account with us?Log in
Want to have an account with us?Register
Want to just send us your CV?
By submitting your registration and CV to us you are agreeing to join our database and to be contacted about relevant jobs industry communications. Please read our terms of business for more information.