Tax-themed Email Campaigns Target 2019 Filers

April 3, 2019

Every year, Proofpoint observes a seasonal uptick in tax-related malware and phishing campaigns leading up to annual tax filing deadlines. In 2017, these campaigns focused on phishing and increasingly sophisticated social engineering, as well as banking Trojans and ransomware. In 2018, we observed sophisticated email campaigns that featured urgent tax-themed lures and convincing spoofs of IRS branding. Epitomizing one of the major trends of 2018, these campaigns distributed a variety of RATs including Orcus RAT, Remcos RAT, and NetWire.

With tax season again upon us, we have seen a similar bump in tax-related campaigns both in the US and internationally. Malware payloads generally reflected the mix in the broader landscape, with a focus on RATs, downloaders, and banking Trojans, while common phishing emails remained pervasive.

Malware Campaigns

NetWire is a multiplatform RAT typically delivered via spammed email attachments that contain Microsoft Office files with embedded executables, including .jar files. Many NetWire campaigns primarily target verticals like financial services, businesses, and educational institutions.

Spotlight

BGP Network

WE ARE BGP NETWORK. The Distributed Denial of Service (DDoS) solution and Cloud Computing business are projected to grow at CAGR of 21.3% and 28.4% respectively by 2022. To grasp the exponential growth opportunities and meet the innumerous potential demands with these emerging economies, BGP Joint Venture was established in 1 August 2017 to provide Cloud Hosting, CDN & DDoS protection service to clients with servers located in Hong Kong, Taiwan, Japan and Southeast Asia.

OTHER ARTICLES

What Lessons Can We Takeaway from Las Vegas’ Recent Thwarted Cyberattack?

Article | February 27, 2020

Picture this: a news story detailing a cyberattack in which no data was exfiltrated, thousands (or even millions) of credit card details weren’t stolen, and no data was breached. While this isn’t the type of headline we often see, it recently became a reality in Las Vegas, Nev. On January 7, 2020, news broke that the city of Las Vegas had successfully avoided a cyberattack. While not many details were offered in the city’s public statement, local press reported that the attack did employ an email vector, likely in the form of a direct ransomware attack or phishing attack. The use of the word “devastating” in the public statement led many to believe ransomware was involved. This inference isn’t farfetched—and is likely a correct conclusion—given that cities throughout the U.S. have seen ransomware attacks on critical systems, attacks that have cost those cities millions of dollars.


NCSC makes ransomware attack guidance more accessible

Article | February 27, 2020

The UK’s National Cyber Security Centre (NCSC) has updated its guidance to organisations on how to mitigate the impact of malware and ransomware attacks, retiring its standalone ransomware guidance and amalgamating the two in a bid to improve clarity and ease confusion among business and consumer users alike. The NCSC said that having two different pieces of guidance had caused some issues as a lot of the content relating to ransomware was essentially identical, while the malware guidance was a little more up-to-date and relevant. The service said the changes reflect to some extent how members of the public understand cyber security. For example, it implies a distinction between malware and ransomware even though technically speaking, ransomware is merely a type of malware. “Not everyone who visits our website knows that. Furthermore, they might well search for the term ‘ransomware’ (rather than ‘malware’) when they’re in the grip of a live ransomware incident,” said a spokesperson.


Single Layers Of Security Aren’t Enough To Protect Your Organization’s Data

Article | February 27, 2020

Next to your employees, your organization’s data is its most important resource. A data breach can devastate an organization’s finances and reputation for years. According to the 2019 Cost of a Data Breach Report, conducted by Ponemon Institute, the average total cost of a data breach in the U.S. is close to $4 million, and the average cost per lost data record is $150. Hackers are more sophisticated than ever and the value of data seems to rise every day. In fact, McAfee believes that 92% of organizations unknowingly have credentials for sale on the Dark Web or “dark net.”


Security News This Week: A Tiny Piece of Tape Tricked Teslas Into Speeding Up 50 MPH

Article | February 27, 2020

This week was filled with wide-scale calamity. Hundreds of millions of PCs have components whose firmware is vulnerable to hacking, which is to say, pretty much all of them. It's a problem that's been known about for years, but doesn't seem to get any better. Likewise, Bluetooth implementation mistakes in seven SoCs (systems on chips) have exposed at least 480 internet-of-things devices to a range of attacks. IoT manufacturers will often outsource components, so a mistake in one SoC can impact a wide range of connected doodads. The most troubling part, though, is that medical devices like pacemakers and blood glucose monitors are among the affected tech. YouTube Gaming, meanwhile, wants to take Twitch's crown as the king of videogame streaming. But its most-viewed channels are almost all scams and cheats, a moderation challenge that it'll have to take more seriously if it wants the legitimacy it's spending big money to attain. In another corner of Alphabet's world, hundreds of Chrome extensions were caught siphoning data from people who installed them, part of a sprawling adware scheme.
