A new malware-laden phishing campaign, dubbed August, has been detected targeting customer service and managerial staff at retailers, according to a new report from Proofpoint. The clever ploy spreads through an email arriving in the inboxes of targeted individuals with subject lines referring to supposed purchases via the company’s website. Recipients are specifically selected who are appropriate reps to deal with customer issues. The message further dupes recipients by saying more detailed information is contained in the attached document. Such subject lines as: “Help: Items vanish from the cart before checkout,” and “Support: Products disappear from the cart during checkout,” are used in the campaign. Should a recipient click on the link, the August malware is loaded with Word macros and PowerShell. It has capabilities to commandeer credentials and siphon off sensitive documents from the infected computer.
View full story
ORIGINAL SOURCE: SC Magazine