Australia a target for ‘designer’ cyber threats

04 May 2016

New SophosLabs research has found that there is a growing trend among cybercriminals to target and even filter out specific countries when designing ransomware and other such malicious cyberattacks.

This extra care taken by cybercriminals to target their victims has meant their latest malicious offerings have been deemed ‘Designer’ cyber threats.

The study from SophosLabs found cybercriminals are in fact crafting customised spam to carry threats using regional vernacular, brands and payment methods for better cultural compatibility.

This includes ransomware cleverly disguised as authentic email notifications complete with counterfeit local logos, making it much more believable, clickable and hence more financially rewarding for the criminal.

“You have to look harder to spot fake emails from real ones,” says Chester Wisniewski, senior security advisor at Sophos. “Being aware of the tactics used in your region is becoming an important aspect of security.”

Impersonations include local postal companies, tax and law enforcement agencies and utility firms, including phony shipping notices, refunds, speeding tickets and electricity bills. In contrast to spam seen in the past, SophosLabs has seen a rise in spam where the grammar is often more properly written and perfectly punctuated.

“Even money laundering is localised to be more lucrative. Credit card processing can be risky for criminals, so they started using anonymous Internet payment methods to extort money from ransomware victims,” says Wisniewski.

Different ransomware strains also targeted specific locations. SophosLabs found that versions of CryptoWall predominantly hit victims in the U.S., U.K., Canada, Australia, Germany and France; TorrentLocker attacked primarily the U.K., Italy, Australia and Spain; and TeslaCrypt homed in on the U.K., U.S., Canada, Singapore and Thailand.

“Cybercriminals are programming attacks to avoid certain countries or keyboards with a particular language,” says Wisniewski. “This could be happening for many reasons. Maybe the crooks don’t want attacks anywhere near their launch point to better avoid detection. It could be national pride or perhaps there’s a conspiratorial undertone to create suspicion about a country by omitting it from an attack.”

With cybercriminals having a deliberate hand in creating threats that look authentic and are specifically targeted, it is more difficult to recognise malicious spam – a good reason to have some decent cyber security and a sharp eye for detail!
