Carding Forum
Professional
- Messages
- 2,788
- Reaction score
- 1,176
- Points
- 113
Hackers attack businesses around the world under the guise of a logistics company.
In the summer of 2024, cybercriminals became more active, attacking industrial enterprises around the world under the guise of a well-known transport company. Kaspersky Lab experts warn that hackers are stealing credentials from corporate email accounts by sending phishing emails. Hackers have targeted organizations in Russia, Pakistan, Algeria, Saudi Arabia, Mexico, Egypt, Kuwait, Oman, Brazil and Kenya. Kaspersky Lab detected almost 500 such emails as part of this phishing mailing list.
Source
In the summer of 2024, cybercriminals became more active, attacking industrial enterprises around the world under the guise of a well-known transport company. Kaspersky Lab experts warn that hackers are stealing credentials from corporate email accounts by sending phishing emails. Hackers have targeted organizations in Russia, Pakistan, Algeria, Saudi Arabia, Mexico, Egypt, Kuwait, Oman, Brazil and Kenya. Kaspersky Lab detected almost 500 such emails as part of this phishing mailing list.
How scammers operate
Scammers act in a sophisticated way, using a convincing legend about the planned delivery of cargo to the port of unloading. The email contains a link to a supposedly PDF file containing the invoice and other important documents. The letter is signed by the client service of a large international logistics company, the logo is identical to the original, the text is written in a business style. After receiving such an email, an employee of the company may not suspect the trick and open the attachment. As a result, the user is redirected to a phishing page, where they will be asked to log in to view confidential documents by entering their corporate email username and password. However, in fact, the credentials will go to the attackers.Potential threats
By gaining access to email accounts, attackers can get hold of other confidential corporate information, including invoices, contracts, and information about internal processes in the company. This data can be sold, used for blackmail, or for further attacks on the enterprise.Safety recommendations
Experts from Kaspersky Lab note that phishing mailings are often disguised as business correspondence. They advise you to be extremely attentive to emails that ask you to enter confidential information. When receiving emails from supposedly verified large companies, it is important to check their relevance and check with colleagues from other departments. This is especially true for those employees who are not involved in organizing cargo delivery and are not aware of the details, but are responsible only for checking documents.Kaspersky Lab Security measures
To prevent phishing attacks, Kaspersky Lab recommends::- Don't trust emails from unfamiliar mailboxes, especially if they contain requests for entering confidential data, money transactions, or suspicious attachments.
- Pay attention even to emails from well-known companies, as external similarities can be deceptive.
- Install reliable security solutions that will automatically send suspicious emails to spam.
Source
