Researchers at INKY warn that a phishing campaign is attempting to distribute malware by impersonating PepsiCo.
“As usual, it all starts with a phishing email,” the researchers write. “In this case, the phishers are impersonating the PepsiCo brand, pretending to be potential clients. They are claiming to need what the recipient sells and they’re asking them to submit a quote for PepsiCo to review. What the would-be victim doesn’t know is that attached to the email is a malicious disk image, disguised as a RFQ (Request for Quote). One click will infect the victim’s computer.”
INKY explains that the emails are fairly convincing and detailed in terms of business jargon:
- “As mentioned, the sender’s email address was spoofed. What shows is me@pepsico[.]com and the sender’s display name uses that of an actual PepsiCo employee who is responsible for procurement management."
- “It is becoming common practice for cybercriminals to create phishing emails with a good amount of detail so they seem more convincing. You’ll notice this email comes with a lot of information, as well as a threat their RFQ could be rejected if they don’t follow the specific instructions outlined in the email."
- “A common phishing technique is to create urgency. The phisher does that by imposing a deadline for the RFQ.”
INKY notes that the attackers chose to impersonate PepsiCo in order to cast a wide net for potential targets.
“With phishing emails, it’s important to choose a brand that prompts readers to act,” the researchers write. “PepsiCo’s product portfolio boasts more than 500 different brands, including its flagship Pepsi product, Frito-Lays, Gatorade, Quaker, Lipton, Doritos, Rold Gold, Starbucks RTD beverages, and many more. With 291,000 employees located all over the world, PepsiCo is a global powerhouse. The way in which this phishing email was deployed also aids in its success. To evade geographical filters, these emails were sent from several U.S.-based virtual private servers controlled by bad actors. Also, the phishers used a ‘spray and pray’ technique - meaning they sent out large quantities of the email in hopes that a percentage of recipients would fall for the scam and click on the malicious link.”
KnowBe4 enables your workforce to make smarter security decisions every day. Over 65,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.
INKY has the story.
