Email Phishing Uses Fake Adobe Files To Steal Company Data
By: Jim Stickley and Tina Davis
May 8, 2019
True to form, hackers are using tactics they know worked best in the past and improving on them. In a recent hack, the tried-and-true tactic is email phishing. One reason for the incredible success behind email phishing is that it gives cybercriminals direct access to their most reliably vulnerable assets–the users themselves. This time, the improved malware called Separ uses email phishing to target businesses in North America and countries worldwide. Over 200 companies and thousands of individuals have been hit by Separ, and it’s a safe bet that many more victims are on the way.
Earlier versions of Separ were discovered back in November of 2017, with this latest variant found just weeks ago. Information-stealing hacks are nothing new, and Separ is a surprisingly simple tactic that is wildly successful. It begins with email phishing aimed primarily at business employees. Separ’s emails carry attachments with familiar Adobe file extensions like “.pdf” and “.jpg.” It relies on common business subjects like shipments, equipment, and quotes to get attention. Once a staffer clicks on the attachment, data such as email and browser credentials are stolen--and even system firewall settings can be changed.
Undeniably, at the heart of Separ’s success is email phishing. According to the Wombat 2018 State of the Phish report, 76% of organizations claim they experienced phishing attacks in 2017. The Verizon 2018 DBIR found over 92% of malware is delivered via email. Knowing these statistics, it’s easy to see why email phishing and malware like Separ are so effective. With that in mind, employee email safety steps need to be taken, and taught by organizations, to minimize their vulnerability to phishing attacks.
- Overall, remember that not everything you see is real. Since hackers use every tricky tactic to get their emails opened, approach every email with a healthy dose of skepticism.
- Check the sender’s email address. If it looks suspicious, delete the email immediately or bring it to the attention of the IT department. Trying to figure it out on your own could mean trouble.
- Don’t take the bait. Subject lines that are aggressive or enticing are designed to get your attention and get you to act.
- Beware of what you see. Familiar logos and images that look legitimate are very easily faked. Typos are another big red flag.
- Better safe than sorry. Don’t click on links or attachments unless you are sure they are safe. If they’re not expected or from a trusted source, don’t fall for it.
Remember, there is no such thing as a safe attachment type. So don’t assume an attachment is safe just because its type isn’t one of those commonly called out as being used for malicious intent. Just because a certain type hasn’t been used yet doesn’t mean it won’t be, or that it hasn’t already been used and we just haven’t found it yet. Don’t be the one that does.