- Finans-theme phishing uses personalized items and file names to provide malware
- Travel and Respons Phishing also uses personalization to push information star and rats
- Cofense calls for verification of unexpected E emails and updates for security tools
Attackers are increasingly personalized phishing -e emails to deliver malware experts have warned, with criminal reaping in huge gains.
By adding the recipient’s name, company and other details of subject lines, file names and message content, seek threat actors to make the messages appear more legitimate, increasing the chances of recipients opening malicious attachments or clicking links, researchers have revealed.
Cofense analyzed one year’s value of data and found that although several campaign themes use this tactic, phishing-themed phishing was the most worrying due to both frequency and influence.
Stay safe
Nearly 22% of the subject-redacted emails fell into this category, often posing as invoices, bids or payment listings.
Many of these emails transported Jat, a cross-platform remote access Trojan that can give attackers full control over a system, steal files and install more malware.
Financing theme phishing is particularly effective because it is mixed with normal communication in the workplace, as employees often expect emails about contracts or payment updates.
While phishing-themed phishing accounted for 21.9% of personalized subject cases, other themes also made strong use of this approach.
Travel Aid was the largest category of 36.78%, often used to deliver Vidar Stealer under the guise of reservation or travel plan updates.
Emails with response theme followed 30.58%, often carrying Pikabot in messages disguised as meeting cancellations or order confirmations.
Campaigns with tax theme amounted to 3.72%, often involved Remco’s steering wheel in password-protected archives, while phishing with review theme also represented 3.72%, providing various malware families, including WSH Rat and Jat.
To counter these threats, Cofense advises to verify unexpected e -mail requests through reliable channels, keep antivirus and malware removal tools up to date and limit the public exposure of staff information to make targeting harder.
In summary, Cofense says, “While customized subject lines are not used in all malware -e -mail samples, it is a strong tactic to make the recipient feel a higher sense of urgent nature that can lead to a successful infection. Specially targeted e -mails that provide rats or information star can be noteworth Brokered to Ransomware -Trussler. “
