Earlier this year, Symantec discovered an aggressive social engineering campaign targeting a limited set of multi-national firms in Europe. The attacks were by the book, employing classic techniques, eventually netting the criminals vast sums of stolen funds for their efforts.
In April, an administrative assistant working in a French-based multi-national firm got an email that referenced an invoice hosted in a filesharing service (such as Dropbox). A few moments later, a person posing as a senior executive within the same firm — speaking flawless French — spoke with authority and requested that she process the invoice referenced in the email.
“Over the last few months, we’ve seen hackers use more multi-staged social engineering attacks to penetrate various organizations. [This recent] attack is a prime example of how one such group used several principles of influence to get the target to take an action they shouldn’t have,” said Chris Hadnagy of Social-Engineer, Inc., in an email to CSO.
SOURCE: csoonline.com
Most Commented Posts
2020 Cybersecurity Landscape: 100+ Experts’ Predictions
Cyber Security Predictions 2021: Experts’ Responses
Experts’ Responses: Cyber Security Predictions 2023
Data Privacy Protection Day (Thursday 28th) – Experts Comments
Experts Insight On US Pipeline Shut After Cyberattack
Most Active Commenters
Recent Comments
“Cybersecurity Awareness Month’s new evergreen theme "Secure Our World” is…
“Avoid storing data on personal devices: A crucial but often overlooked…
“I recommend a new nuance to passwords that isn’t often…
“In my role overseeing cloud environments and incident response, I'm…
“Cybersecurity Awareness Month serves as a reminder to confront the…