File Integrity Monitoring NON STOP FILE INTEGRITY MONITORING

The package delivery company, FedEx, has been the recent target of a phishing scam targeting English and Italian speaking customers.

This phishing scam targeting FedEx customers uses a sophisticated social engineering scheme that involves the one thing we all want- our packages delivered.

This scam is currently limited to only English and Italian speaking customers, with many researchers believing these cyber criminals are trying to figure out which language generates the most traction.

Attackers are using the recipient’s fear of not getting their package delivered to their advantage. Cyber criminals start off by sending emails dressed up to look like an official FedEx correspondence with a malicious attachment attached to the email. The email states that the victims’ package was brought to the residence, but no one was home to sign for it, so they must visit a FedEx office within 48 hours or the item will be returned to sender. The email ends by asking the victim to print out the attached document which is required in order to pick up the package. Once the attachment is clicked, the malware is downloaded, causing the victims computer to be corrupted.

Researchers at Comodo Threat Research Labs did not specify what kind of malware is inserted into the victims PC, but they have confirmed that no ransomware has been detected in this campaign.

Comodo noted that other than a few formatting errors, the fake emails are very hard to spot. Unfortunately, this means the bad guys are getting that much better at tricking their victims by mimicking logos and color schemes used by corporations to appear legitimate.

FedEx has responded to this phishing attack and stated, “FedEx does not send unsolicited emails to customers requesting information regarding packages, invoices, account numbers, passwords or personal information.”

From an enterprise standpoint, reliable threat intelligence needs to be implemented to disturb any malware that enters the arena. It’s important to implement a layered security approach to your IT estate, and by working with NNT, your organization will be able to adopt a ‘layered and integrated approach’ to security that incorporates the right process, methodology and set of tools in order to guard your IT environment against today’s ever-evolving threat landscape.

With NNT's Change Tracker Gen7, your organization will come equipped with intelligent file integrity monitoring, compliance managementsystem hardening, threat intelligence & security configuration management all powered by Intelligent Closed-Loop Intelligent Change Control, all working to make your IT estate as secure and compliant as possible.

 

Read this article on SC Magazine

 

 

 

Products
USA Offices
New Net Technologies Ltd
Naples
9128 Strada Place
Naples, Florida, 34108
Atlanta
201 17th Street, Suite 300
Atlanta, Georgia, 30363.

Tel: 1-888-898-0674
email USinfo@nntws.com
NNT Logo
UK Office
New Net Technologies Ltd
Spectrum House, Dunstable Road
Redbourn,
St Albans

Herts
AL3 7PR

Tel: 08456 585 005
Fax: 08456 122 031
email info@newnettechnologies.com
Connect with NNT
Google+ Linkedin Twitter - Change Tracker Facebook rss feed YouTube
Sign up to NNT's IT security and compliance monthly newsletter. Get breaking security news, how-to tips, trends and commentary direct to your inbox.

Sign up to the NNT newsletter