When people think of spam emails, it’s usually phishing that comes to mind. These are the emails that make up your junk folder: a truly frightening combination of poor grammar, bad spelling, and vulgarity that makes you question how anyone can fall for a phishing attack. Spear-phishing has become the new way to create a spam email campaign. By targeting specific demographics and crafting believable ‘lure’ emails, cybercriminals can entice people to click untrustworthy links in their emails. In recent years, the group TA542 has been one of the most prolific criminal entities to use spear-phishing as their primary form of cybercrime, sending almost one million fraudulent messages a day.
Their latest attack was a campaign targeting supporters of the Democratic party in the United States. Their lure emails mimic the language on emails sent from Democratic activist groups like ActBlue, leading people to believe that the sender is trustworthy. Once they click on the link in the email, they unwittingly download TA524’s signature malware, a program called Emotet. This does anything from scanning your computer for personal information to downloading your banking credentials. TA542’s combination of realistic lure emails and sophisticated malware makes them a particularly dangerous group of cybercriminals. However, there are still steps you can and should take to protect your data!
Traditional advice about how to avoid phishing scams is not to open links from people or companies that you aren’t familiar with. However, spear-phishing emails mimic those trusted senders. Some ways to stay safe in this new environment is only to open links or documents that you are expecting to receive. When you receive a link in an email that is unfamiliar or unexpected, go to the sender’s website and navigate to the desired page from there. As cybercriminals become more advanced, having outside tech support becomes increasingly important—if someone from your company falls prey to a spear-phishing attack, having secure data backups and a plan for how to mitigate the damage caused by the malware is crucial. If you’re concerned about spear-phishing, reach out to us at firstname.lastname@example.org to learn more.