According Symantec, European companies may become victims of hackers again. Security experts state that cybercriminals use complicated schemes of social engineering to perform the attacks.
As said by Symantec, at least 14 French companies became victims of the attackers. Similar attacks were also discovered in Romania and Luxemburg.
“There is evidence to suggest that these attacks began as early as February 2013, however, it was only more recently in April that phone calls were being placed prior to sending the victim the phishing email. The attacks are currently localized to French organizations but have also included subsidiaries that operate outside of France,” – claims report.
Security experts say that the attacks begin with a phone call to one of the victim’s employees informing them about the sales invoice they are about to receive via email.
“Since handling invoices is something they would do on a regular basis, this lure has the potential to be quite convincing. Each element of this attack requires careful planning and contributes to the overall success rate of the attack.”
As the matter of fact, sent file is a modified version of the RAT-Trojan known as W32.Shadesrat. When installed on the PC, the malware grants cybercriminals with the access to confidential data, giving the opportunity to connect to the company’s bank accounts.
Data collected by Shadesrat Trojan can also be used by cybercriminals to perform new attacks using schemes of social engineering.