We’re currently in a season to celebrate especially for attackers. It’s the perfect opportunity to take advantage of people distracted by the holidays and slip malicious content into the ever so tempting array of holiday emails.
Below is an example of a series of attacks we caught for an enterprise client, specifically leveraging Thanksgiving and Black Friday. You can be sure the same attackers will leverage Christmas, Hannukah, New Year’s and more.How the attack works .
The user receives a mail promoting an irresistible deal or containing a very considerate e-card from a colleague or family member. The content is very tempting to open, and taps into the user’s holiday or shopping-spirit to get him to click.Holiday-themed Email Examples .
In the examples below, the attacker is wishing the target a Happy Thanksgiving and tempting him to click on the attachment.
New malicious files .
At the time of writing this post, not only were the emails very tricky but the attached files were also new and not recognized by the traditional security solutions in Virus Total. Since they are unknown, the files can easily bypass mainstream solutions. If the user opens the file and clicks ALLOW, Macro code will activate and execute malicious code on the host.New file names and hashes .
Perception Point detected these with our proprietary HAP technology that detects advanced threats.