The leader of the Cobalt hacking group was arrested in Spain two months ago, but the gang resurfaced at the end of May. Their spear phishing emails started hitting victims' inboxes again on May 23rd. Their targets are primarily banks in Russia and the former Soviet republics of the Near Abroad, but there are signs that they're expanding globally.
They're distributing their familiar CobInt Trojan by getting people to click a link in the email that takes them to an infected site. The security company that found the campaign, Group-IB, says the spear phishing emails represent themselves as coming from Kaspersky Lab.
Needless to say, it is not from Kaspersky Lab. The bogus emails tell the recipient that their computer has been named in an unspecified complaint involving violations of unspecified regulations. The victim is instructed to "view complaint" and "provide detailed explanation in regard to this issue."
In several respects the phishbait is well-crafted. One nice touch: the email tells the recipient not to reply, as it was sent from a "notification only account that does not accept incoming messages."
The campaign is noteworthy for its rush-rush scare tactics. If the victim doesn't reply within forty-eight hours, the email says, "we will be entitled to take action and impose sanctions to your web resources." It's the sort of threat that a poorly informed employee might fall for.
New-school security awareness training can forearm people in any organization against this kind of social engineering. The Cobalt gang has long been a dangerous one. They're said, by law enforcement and security experts, to have pulled in on average about $11.5 million per caper.
The ROI calculation here clearly shows that budget for training to recognize and properly respond to phishing will have a very fast payback. Bleeping Computer has the story.
Whitepaper Download: Forrester Total Economic Impact Study
KnowBe4 recently commissioned Forrester to conduct a Total Economic Impact™ (TEI) study, examining the potential Return on Investment (ROI) enterprises might realize by implementing the KnowBe4 Security Awareness Training and Simulated Phishing Platform.
The resulting research paper assesses the performance of the KnowBe4 Platform. How does 127% ROI with a one-month payback sound?
At the end of the study, you will have a framework to evaluate the ROI of the KnowBe4 Security Awareness Training and Simulated Phishing Platform on your organization, and how you can leverage your end-users as your last line of defense using KnowBe4.
The value of KnowBe4 goes beyond ROI. Download the study here.