Never-Before-Seen Malware Downloader In Phishing Emails Targeting US Gov Agencies – Expert Commentary

The reality is, cybercriminals have become extremely adept at crafting emails that are indistinguishable from legitimate emails that recipients receive every day. In this incident, threat actors are using Russian email addresses to distribute documents that relate to the ongoing geopolitical tensions surrounding North Korea in hopes to lure victims into opening the malware-strapped documents. In many cases, though, social engineering phishing attacks include no malicious links or attachments at all, and therefore very often slip past traditional, content-based email security controls. As phishing emails increasingly become harder and harder to detect, the first essential step is to prevent malicious emails from ever entering inboxes. For instance, these attacks would have been stopped by a robust sender-identity approach that blocks untrusted email senders like the ones used in this campaign. By implementing advanced anti-phishing solutions that validate sender identity, modern phishing attacks like these can be stopped in their tracks.  Read Less