Hikvision on Spear Phishing, How to Identify this Security Concern
A sophisticated, targeted phishing campaign is creating new security concerns. Learn what you need to know about this campaign in the Security magazine article that covers the attacks, “New spear phishing emails target C-suite executives, assistants & financial departments.”
The phishing campaign was detected by the threat research team at Area 1 Security.
From the article: “By targeting the financial departments of these companies, the attackers could potentially gain access to sensitive data of third parties through invoices and billing, commonly referred to as a BEC (Business Email Compromise) attack. This enables the attackers to send forged invoices from legitimate email addresses to suppliers, resulting in payments being made to attacker-owned accounts.”
Business Email Compromise is a type of phishing attack that aims to trick the victim into sending money to the attacker. Targeting financial departments is an attempt for hackers to gain access to sensitive billing data. It could enable “the attackers to send forged invoices from legitimate email addresses to suppliers, resulting in payments being made to attacker-owned accounts.”
The current spear phishing campaign uses very sophisticated methods throughout the attack process, including how the phishing messages were crafted and how it attempted to obtain passwords. Read the article to learn more.
Spear phishing is a type of phishing attack that is targeted to a specific person or organization. Spear phishing emails typically have information about the victim in the email that makes the email seem credible. Read this Hikvision blog to learn more, including how to identify this type of attack and avoid becoming a victim to this security concern: “Part Two: An Overview of Spear Phishing Hacks by Hikvision Senior Director of Cybersecurity.”