Published on May 29th, 2019 📆 | 5579 Views ⚑0
Phishing Canadian Targets
We have recently blogged about KrebsOnSecurity’s story on compromised Canadian business email addresses. Here is some updated background on threats to Canadian organizations.
Since January 2019, nearly one hundred phishing campaigns have been tailored specifically for Canadian targets, according to researchers at Proofpoint.
Attackers are spoofing a number of well-known Canadian companies and organizations, and are using French-language phishing lures to increase their chances of tricking Canadian victims. Most of these campaigns are run by financially motivated criminals, although some are launched by nation-state actors.
The two most common malware strains used in these campaigns are Emotet and Ursnif, both of which are banking Trojans used to steal information and deliver additional malware. Other types of malware targeting Canada include banking Trojans like IcedID, Trickbot, and Dridex, the GandCrab ransomware, and the Formbook keylogger. The Proofpoint researchers stress that the rise in targeted Emotet attacks is particularly notable, and should serve as a warning to Canadians that they need to be on the lookout for more than just generic phishing spam.
“In 2019, threats specific to Canadian interests, whether abusing Canadian brands, or affecting Canadian organizations through specific geo-targeting mean that defenders at Canadian companies must be cognizant of threats far more targeted than ‘North America,’” the researchers write. “Banking Trojan and the Emotet botnet lead the pack, creating risks for organizations and individuals with compelling lures and carefully crafted social engineering. While Canada-targeted threats are not new, Emotet in particular, with its frequent region-specific email campaigns, is bringing new attention to geo-targeting in Canada and beyond.”
These targeted phishing campaigns are in addition to hundreds of other untargeted campaigns that have impacted Canada this year. Users need to be constantly vigilant in order to identify attackers’ attempts to deceive them. New-school security awareness training can give your employees the knowledge they need to defend themselves against these attacks.
Proofpoint has the story: https://www.proofpoint.com/us/threat-insight/post/beyond-north-america-threat-actors-target-canada-specifically