COMPTEC GREECE
📢 We are writing to inform you about an ongoing social engineering campaign that has been targeting businesses like yours with spam emails and phone calls.
Campaign Details:
⚠Tactics Used: The attackers overwhelm users with spam emails, including newsletter sign-up confirmations from legitimate organisations, to bypass email protection solutions.
⚠Phone Call Approach: Following the spam email bombardment, users receive phone calls from individuals impersonating the company's IT team. These callers offer assistance to resolve the email issues and prompt users to download remote monitoring and management software such as AnyDesk or use Microsoft's built-in Quick Assist feature.
⚠Goal: The aim is to establish a remote connection, allowing attackers to download additional malicious software to harvest credentials and maintain persistence on the compromised systems.
Recommended Actions:
✅Email Vigilance: Be cautious of unexpected email influxes, especially those prompting immediate action or offering technical support.
✅Phone Verification: Verify the identity of any caller claiming to be from your IT department before following their instructions. Do not install software or provide remote access unless you are certain of the caller's legitimacy.
✅Reporting Suspicious Activity: Urge users to immediately report any suspicious emails or phone calls and call for assistance.
Your business and data security are always our top priority.
📞Should you have any concerns or require further information, please do not hesitate to reach out to us: https://bit.ly/comptecitmeeting
Source: Thehackernews.com