Dive Brief:
- A group of hackers has been targeting e-mails from more than 100 publicly-traded organizations or advisory firms, the majority of which are healthcare and pharmaceutical companies, since mid-2013, according to a report released by the cybersecurity firm FireEye.
- The group, which FireEye calls FIN4, targets a diverse group of workers, including top executives, legal counsel and regulatory, risk and compliance officers.
- Individuals targeted are sent different e-mails with links or attached documents that prompt a fake e-mail login page designed to steal the individual's credentials, which allows the hacker to log in and read the contents of the e-mails. The targeted attacks—known as spear phishing—"appear to be written by native English speakers familiar with both investment terminology and the inner workings of publicly traded pharmaceutical and other healthcare companies," according to the report.
Dive Insight:
If you think spam is easy to spot, think again: According to The New York Times, these hackers aren't novices. In fact, they're familiar with financial lingo and have lured executives into clicking on e-mails with their sophisticated tactics. In several cases, attackers have used confidential company documents, which they had previously stolen, as aids in their deception. In other cases, the attackers simply embedded generic investment reports in their e-mails.
"Given the types of people they are targeting, they don't need to go into the environment; the senior roles they target have enough juicy information in their inbox," Jen Weedon, a FireEye threat intelligence manager, told the Times.
In other words, if you're in the healthcare industry, maybe it's time to consider e-mail encryption technology—or a crash course in recognizing high-level deception.
