File Integrity MonitoringNON STOP FILE INTEGRITY MONITORING

The package delivery company, FedEx, has been the recent target of a phishing scam targeting English and Italian speaking customers.

This phishing scam targeting FedEx customers uses a sophisticated social engineering scheme that involves the one thing we all want- our packages delivered.

This scam is currently limited to only English and Italian speaking customers, with many researchers believing these cyber criminals are trying to figure out which language generates the most traction.

Attackers are using the recipient’s fear of not getting their package delivered to their advantage. Cyber criminals start off by sending emails dressed up to look like an official FedEx correspondence with a malicious attachment attached to the email. The email states that the victims’ package was brought to the residence, but no one was home to sign for it, so they must visit a FedEx office within 48 hours or the item will be returned to sender. The email ends by asking the victim to print out the attached document which is required in order to pick up the package. Once the attachment is clicked, the malware is downloaded, causing the victim's computer to be corrupted.

Researchers at Comodo Threat Research Labs did not specify what kind of malware is inserted into the victim's PC, but they have confirmed that no ransomware has been detected in this campaign.

Comodo noted that other than a few formatting errors, the fake emails are very hard to spot. Unfortunately, this means the bad guys are getting that much better at tricking their victims by mimicking logos and color schemes used by corporations to appear legitimate.

FedEx has responded to this phishing attack and stated, “FedEx does not send unsolicited emails to customers requesting information regarding packages, invoices, account numbers, passwords or personal information.”

From an enterprise standpoint, reliable threat intelligence needs to be implemented to disturb any malware that enters the arena. It’s important to implement a layered security approach to your IT estate, and by working with NNT, your organization will be able to adopt a ‘layered and integrated approach’ to security that incorporates the right process, methodology and set of tools in order to guard your IT environment against today’s ever-evolving threat landscape.

With NNT's Change Tracker Gen7, your organization will come equipped with intelligent file integrity monitoring, compliance management, System Hardening, threat intelligence & security configuration management all powered by Intelligent Closed-Loop Intelligent Change Control, all working to make your IT estate as secure and compliant as possible.

 

Read this article on SC Magazine

 

 

 

 

NNT Products
USA Offices
New Net Technologies Ltd
Naples
Suite #10115, 9128 Strada Place
Naples, Florida, 34108
Atlanta
201 17th Street, Suite 300
Atlanta, Georgia, 30363.

Tel: 1-888-898-0674
email[email protected]
UK Office
New Net Technologies Ltd
Spectrum House, Dunstable Road
Redbourn,
St Albans

Herts
AL3 7PR

Tel: 08456 585 005
Fax: 08456 122 031
email[email protected]
NNT Newsletter
Sign up to receive our monthly newsletter covering breaking security news, how-to-tips, trends and commentary directly to your inbox.


Google+ Linkedin Twitter - Change Tracker Facebook rss feed YouTube
CIS benchmarking SEWP Cybersecurity 500 Sans Institute
Copyright 2017, New Net Technologies Ltd. All rights reserved. 
NNT and Change Tracker are registered trademarks of New Net Technologies Ltd.
All other product, company names and trademarks are the property of their respective owners.