We recently detected a widespread “Statement of Account” attack targeting one of our customers. Within an organization of 7,000 employees, 229 users received the same email.

In these attacks, the user first receives an email from an external source regarding a request for an updated Statement of Account.

Malicious email requesting Statement of Account
In the email, the user is asked to open an attached .gz file to view their Statement of Account, which contains a malicious .exe file.
The attacker tried to label the file as a Word document so the user would not suspect anything.

Once the user opens the file, the malware installs itself and from that point on the hacker has control of the machine and achieves their goal.

 

Perception Point is a Prevention-as-a-Service company, built to enable digital transformation. Trusted by global enterprises, our Gartner-recognized, revolutionary platform offers a 360-degree protection against any type of content-based attacks, across all collaboration channels, in one simple solution. Built by and for IT and security experts, our service is incredibly easy to deploy, maintain and update according to the newest attack techniques, like the one featured in this post. This campaign was caught by Perception’s Threat Intelligence engine. Learn more about our Advanced Threat Detection platform here