Phishing is so widespread today, you can feel the effects of a phishing attack even if you’re not the one who got phished. The latest example of this is detailed in a report on Bleeping Computer: “Phishing Attacks Target US Utilities with Remote Access Trojan.”
That’s right. A phishing attack designed to “give the attackers admin control over the infected systems.” In other words, the ability to turn off your electricity and leave you in the dark.
According to the report, “The phishing emails received by the targets were designed to mimic official failed examination alerts from the U.S. National Council of Examiners for Engineering and Surveying (NCEES), which is a national nonprofit organization dedicated to advancing professional licensure for engineers and surveyors. The messages used impersonation to trick potential victims into thinking that the domains used to deliver the emails and their contents were from an official source.”
Interestingly, the attacks were launched from the domain nceess.com, which is a domain name spoof of the NCEES website. But, if you look at the domain quickly, it can be difficult to notice the difference visually. That’s what the attackers were counting on.
The malware that was part of the phishing payload, dubbed LookBack, “is a remote access Trojan developed in C++ with an impressive list of capabilities which allows attackers to completely take control of compromised machines once infected.”
The industries change. The attackers change. The payloads change. The delivery tactics stay the same: spear phishing + domain name spoofing. If you can stop the delivery tactics, the payloads don’t matter. But as you can imagine, depending on human beings to do that is a dangerous proposition.
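One way to take the lookalike-domain check out of human hands, shown as an added example (it is not from the Bleeping Computer report and is not DuoCircle's product code): compare each sender domain against an allow-list and flag near-misses such as nceess.com. The allow-list, the distance threshold and the sample From headers are assumptions constructed for illustration; ncees.org is the real NCEES domain.

```python
from email.utils import parseaddr

# Assumed allow-list of domains the organisation really corresponds with.
TRUSTED = {"ncees.org"}

def edit_distance(a, b):
    """Edit distance counting insert, delete, substitute and adjacent swap."""
    d = [[0] * (len(b) + 1) for _ in range(len(a) + 1)]
    for i in range(len(a) + 1):
        d[i][0] = i
    for j in range(len(b) + 1):
        d[0][j] = j
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = int(a[i - 1] != b[j - 1])
            d[i][j] = min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost)
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)
    return d[-1][-1]

def brand_label(domain):
    # Simplification: the label left of the final TLD. Multi-part suffixes
    # such as co.uk need the Public Suffix List instead.
    parts = domain.split(".")
    return parts[-2] if len(parts) >= 2 else domain

def classify(from_header, trusted=TRUSTED, max_distance=1):
    """Return (verdict, sender_domain, imitated_domain_or_None)."""
    domain = parseaddr(from_header)[1].rpartition("@")[2].lower().rstrip(".")
    if any(domain == t or domain.endswith("." + t) for t in trusted):
        return ("trusted", domain, None)
    for t in sorted(trusted):
        # Distance 0 here means the same name under a different TLD.
        if edit_distance(brand_label(domain), brand_label(t)) <= max_distance:
            return ("lookalike", domain, t)
    return ("unknown", domain, None)

if __name__ == "__main__":
    # Constructed From headers; only nceess.com comes from the report.
    for header in ['"NCEES" <results@nceess.com>', "info@ncees.org",
                   "billing@example.com"]:
        print(header, "->", classify(header))
```

This only catches lookalike registrations in the visible From domain; forgery of the exact trusted domain is what SPF, DKIM and DMARC address.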
At DuoCircle, we help companies, including utility companies, defend themselves against these delivery tactics. With real-time link click protection and malicious attachment blocking, even if the email is convincing, you’ll be protected.
Try our email security services risk free for 30 days. They work with all email services, and you’ll be protected in as little as 10 minutes. Unfortunately, unless your utility company does the same, you may still end up in the dark.