Phishing attacks often target non-IT employees because they are believed to be easier to fool. Nevertheless, IT specialists can also become victims of cyber criminals. Lazarus Group has recently attacked a cryptocurrency organization, targeting the company’s system administrator. The attackers crafted a fake job post on LinkedIn to attract his attention and used a malicious attachment as a bait. The malicious file prompted the sysadmin to open it for details of an exciting new job. The document was allegedly protected by the GDPR, so the sysadmin had to enable macros to open it.
Most phishing attacks target generic audience. Phishing emails for such mailing campaigns are neither personalized nor accurate. The attackers rely on the victim to react fast without thinking twice. For example, immediately changing the password being afraid that someone has stolen his or her data. Or opening the attached document without double checking the email sender.
There is another approach, when the victim is pre-selected, and the phishing communication is built carefully. It requires a greater resource investment, but also guarantees a greater reward. This is exactly what happened to the attacked cryptocurrency company in this story.
Image by wal_172619