Small businesses targeted by highly localized Ursnif campaign
to click on a bad link, open a malicious file, or install a poisoned
update in order to steal valuable data. In the past, they cast as wide a
net as possible to increase the pool of potential victims. But attacks
that create a lot of noise are often easier to spot and stop. Cyber
thieves are catching on that we are watching them, so they are trying
something different. Now we’re seeing a growing trend of small-scale,
localized attacks that use specially crafted social engineering to stay
under the radar and compromise more victims.
In social engineering attacks, is less really more?
A new malware campaign puts that to the test by targeting home users
and small businesses in specific US cities. This was a focused, highly
localized attack that aimed to steal sensitive info from just under 200
targets. Macro-laced documents masqueraded as statements from legitimate
businesses. The documents were then distributed via email to target
victims in cities where the businesses are located.
With Windows Defender AV’s next-gen defense, however, the size of the attack doesn’t really matter.
Several cloud-based machine learning algorithms detected and blocked
the malicious documents at the onset, stopping the attack and protecting
customers from what would have been the payload, the info-stealing malware Ursnif.
To read the full article on the Microsoft site, go here.