Tuesday, February 11, 2025
HomePhishingActive Business Phishing Campaign Targeting Fortune 500 Companies to Steal Financial Assets

Active Business Phishing Campaign Targeting Fortune 500 Companies to Steal Financial Assets

Published on

SIEM as a Service

Follow Us on Google News

Hackers involved in Business Phishing Campaign using well crafted social engineering methods to harvest login credentials and to steal money.

The attack most likely to be originated from Nigerian origin and they are engaged in credential harvesting, phishing and social engineering campaign designed to steal financial assets.

IBM X-Force Incident Response team detected the campaign, the attacker group sent business email compromise (BEC) scams to Fortune 500 companies to initiate fraudulent wire transfers.

Also Read Beware!! Hackers Using Facebook Profiles to Trick the User’s in Downloading Android Spyware

The BEC attack is completely based on Phishing and social engineering, the cybercriminals don’t require any specific tools or malware.

Cybercriminals use some tactics to make the emails looks legitimate. The Emails sent directly from trusted contacts or spoofed to appear from trusted contacts.Mimicked previous conversation, inserted themselves into the conversation.
Business Phishing Campaign
Source: IBM

Researchers said “the size of the group is still unknown and the threat actors used phishing toolkits to create login pages for more than 100 compromised websites, which indicates the phishing campaign is widespread and the compromised websites vary in geographic location, IP address resolution and the Industry including retail, healthcare, financial and professional services”.

Also, the cybercriminals set up domains that similar to company’s domain name with small changes to make it believes it is a legitimate source. As like any other phishing attacks they have done some grammatical and colloquial mistakes.

Separately, once attackers used stolen credentials to send mass phishing emails, they at the same time came upon AN email rule to filter all responses to the phish, undelivered messages, or messages containing words like “hacked” or “email” to the user’s RSS feeds folder and marked them as the scam.

How to stay safe – Business Phishing Campaign

1. Have a unique Email address.
2. Do not open any attachments without proper validation.
3. Don’t open emails voluntary emails.
4. Use Spam filters & Antispam gateways.
5. Never respond to any spam emails.
6. verify the vendor.
7. Implement Two-factor Authentication

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Hackers Exploit Valentine’s Day Domains for Sneaky Cyber Attacks

Cybercriminals are capitalizing on the season of love to launch sneaky and deceptive cyberattacks.According...

EARLYCROW: Detecting APT Malware Command and Control Activities Over HTTPS

Advanced Persistent Threats (APTs) represent a sophisticated and stealthy category of cyberattacks targeting critical...

Enhanced IllusionCAPTCHA: Advanced Protection Against AI-Powered CAPTCHA Attacks

As AI technologies continue to evolve, traditional CAPTCHA systems face increasing vulnerabilities.Recent studies...

Akira Ransomware Dominates January 2025 as the Most Active Ransomware Threat

January 2025 marked a pivotal month in the ransomware landscape, with Akira emerging as...

Supply Chain Attack Prevention

Free Webinar - Supply Chain Attack Prevention

Recent attacks like Polyfill[.]io show how compromised third-party components become backdoors for hackers. PCI DSS 4.0’s Requirement 6.4.3 mandates stricter browser script controls, while Requirement 12.8 focuses on securing third-party providers.

Join Vivekanand Gopalan (VP of Products – Indusface) and Phani Deepak Akella (VP of Marketing – Indusface) as they break down these compliance requirements and share strategies to protect your applications from supply chain attacks.

Discussion points

Meeting PCI DSS 4.0 mandates.
Blocking malicious components and unauthorized JavaScript execution.
PIdentifying attack surfaces from third-party dependencies.
Preventing man-in-the-browser attacks with proactive monitoring.

More like this

Massive Facebook Phishing Attack Targets Hundreds of Companies for Credential Theft

A newly discovered phishing campaign targeting Facebook users has been identified by researchers at...

Hackers Exploit ADFS to Bypass MFA and Access Critical Systems

Hackers are targeting organizations using Microsoft’s Active Directory Federation Services (ADFS) to bypass multi-factor...

Hackers Exploiting 7-Zip Zero-Day Vulnerability to Deploy SmokeLoader Malware

A newly identified zero-day vulnerability in the widely used 7-Zip archiving software, designated as...