After taking a European tour that included Germany and Italy, a new phishing email campaign has hit the United States this month. The goal of this particular attack is to spread a trojan onto computers after getting victims to take their phishing bait. Phishing attacks aren’t anything new. In fact, they have been around for a long time and have been quite successful for cybercriminals. Education, comprehensive data back-up, professional remote monitoring, and other Greater Boston security solutions can help to prevent these attacks from happening, but employee education is key.

Impersonating the US Postal Service

The new phishing email campaign was first noticed in the US on November 12, 2019. Thousands of emails were attempting to deploy attachments with malicious Microsoft Word documents. The basis of the emails was an impersonation by none other than the US Postal Service and was an attempt to infect systems with a well-known phishing attack that is called the IceID banking trojan. Initially discovered “in the wild” back in 2017, IceID has been used to commonly attack banks, credit card, and other payment card providers, as well as other types of financial institutions. The goal is to obtain user credentials.

This most recent attack, however, was not using this phishing attack to target financial organizations. It was targeting the healthcare industry. The emails discovered in this new phishing email campaign were using the URL, and the malicious Microsoft Word documents containing what was designed to appear as an RSA SecurID key. When the victim opens the Word doc, a Microsoft Office macro is triggered, which launches a PowerShell script. The script is then downloaded and immediately installs IceID onto the user’s computer. Past attacks in Europe have included impersonations of other government offices, including the German Federal Ministry of Finance and the Italian Ministry of Taxation.

How Phishing Attacks Work

Today’s cybercriminals have been using phishing attacks for many years, particularly with finance-based lures around various seasons. Annual tax filing deadlines can result in increased phishing attacks from impersonated tax agencies, such as the attacks in Italy. The person who receives the email is caught off-guard and upset to find that they must download a document from the government to avoid penalties, tax assessments, and fees. They take advantage of vulnerabilities in network security and employee education to be successful in their attacks. When it comes to phishing and spear-phishing attacks, this new phishing email campaign is just the latest in a long line of cyber-attacks – not the first and not the last.

User error and lack of knowledge are the two most powerful tools in the cyber-attacker’s arsenal. Today’s emails are even more sophisticated than those that would be sent out in the past. Years ago, phishing attempts were fairly easy to spot, containing crazy stories designed to appeal to the victim’s own greed, kindness, and ignorance. You’ve just won a $50,000, and we need your bank information to deposit it into your account! This poor family is stuck in another country and needs a local sponsor to come to America – please provide your credit card information. The social security office needs you to respond with your full name and social security number to verify your identity for future payments. Thousands of Americans fell for these schemes back when the internet was brand new, but many still fall for them today.

Multi-Faceted Protection for Business

There are many things that businesses can do to protect them from cyber-attack. Our Greater Boston security solutions at Synivate include a comprehensive array of anti-virus, anti-malware, professional remote monitoring, and full data back-up programs for quick recovery and reduced downtime. However, the best way to prevent an attack is still employee education. We work with each client as an individual to determine your needs for network security and support. We can help you and your staff to be prepared for attacks like this new phishing email campaign and anything else the cybercriminals think up next.

If you would like to learn more about our Greater Boston security solutions and services, give us a call at 617-517-0704. We can answer any questions that you might have about professional remote monitoring, discuss your needs for comprehensive data back-up and recovery, and offer solutions designed specifically for your industry requirements and needs. Call today for a FREE estimate or to speak with one of our IT specialists.