Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

    Security Awareness Training Blog

    Cybercrime Targets: C-Level execs, HR managers and System Admins

    cybercrime senior management

    According to a recent research of Group-IB on cybercrime, senior management is considered among most popular targets.

    Group-IB is one of the leading companies in fraud prevention, cybercrime and high-tech crime investigations. The firm reported that cyber criminals use personal and confidential data of senior management of different financial institutions and companies for targeted attacks, including fraud and online-banking theft.

    C Level executives are being targeted and drilled down on with specific attacks meanwhile HR managers are targeted due the sensitive information they manage. 

    Below is a good example, it's a post from an underground forum that demonstrates the hacker’s interest to confidential data on CEO and top management of different well known brands, following the translation from Russian:

    “Will buy information about the following companies: 

    - Linkedin, Verizon, GoDaddy, British American Tobaco, Dupont, Pepsi, Names.co.uk, Facebook (private companies) 

    - Commerzbank, Reiffeisen, RBS, Bank of America, Wells, Wachovia, Citibank + any russians, having online-banking

    Interested in email + password, any stolen accounts of its employees in social networks (Facebook + Linkedin), will pay good, before selling need to have a garant and checking.

    Interested in hacked accounts and data on:

    - system administrators;

    - top managers (operational managers, heads of the departments)

    Reach me only through PM, confidential and in 1 hands

    WIll talk only under OTR/NDC encryption in Jabber, don’t use ICQ “

    According to the statistics, the most valuable types of information that are popular on the black market are:

    • Annual accounting balances and financial reports; 
    • Project plans and strategies of the company for several years;
    • Intellectual property and innovations used for successful business;
    • Customers databases and partners’ contacts (CRM);
    • Employees databases (Intranet systems);
    • Credentials to corporate e-mails and personal e-mails of employees;
    • Internal network infrastructure and its specifics.

    It is obvious that C-Level execs and HR managers's email addresses are also often the easiest ones to obtain, so they become an easy target for spear-phishing attacks and are the first people that need high-quality security awareness training. System admins are more trained to spot and delete spam and phishing, but they sure are a target too!

    Hat Tip to the Security Affairs Blog

     

     

    Return To KnowBe4 Security Blog

    Topics: Social Engineering, Spear Phishing, Security Awareness Training

    Stu Sjouwerman

    ABOUT STU SJOUWERMAN

    Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.

    Read more from Stu »

    Subscribe to Our Blog


    Security Awareness Training
    Blog RSS Feed
    Comprehensive Anti-Phishing Guide
    All Posts

    Posts by Tag

    See all

    Posts By Topic

    View All

    Get the latest about social engineering

    Subscribe to CyberheistNews