Exposed: Scam Artists Mimicking PepsiCo in Phishing Schemes

New Malware Strains Found in Phishing CampaignResearchers at INKY warn that a phishing campaign is attempting to distribute malware by impersonating PepsiCo.

“As usual, it all starts with a phishing email,” the researchers write. “In this case, the phishers are impersonating the PepsiCo brand, pretending to be potential clients. They are claiming to need what the recipient sells and they’re asking them to submit a quote for PepsiCo to review. What the would-be victim doesn’t know is that attached to the email is a malicious disk image, disguised as a RFQ (Request for Quote). One click will infect the victim’s computer.”

INKY explains that the emails are fairly convincing and detailed in terms of business jargon:

  1. “As mentioned, the sender’s email address was spoofed. What shows is me@pepsico[.]com and the sender’s display name uses that of an actual PepsiCo employee who is responsible for procurement management."
  2. “It is becoming common practice for cybercriminals to create phishing emails with a good amount of detail so they seem more convincing. You’ll notice this email comes with a lot of information, as well as a threat their RFQ could be rejected if they don’t follow the specific instructions outlined in the email."
  3. “A common phishing technique is to create urgency. The phisher does that by imposing a deadline for the RFQ.”

INKY notes that the attackers chose to impersonate PepsiCo in order to cast a wide net for potential targets.

“With phishing emails, it’s important to choose a brand that prompts readers to act,” the researchers write. “PepsiCo’s product portfolio boasts more than 500 different brands, including its flagship Pepsi product, Frito-Lays, Gatorade, Quaker, Lipton, Doritos, Rold Gold, Starbucks RTD beverages, and many more. With 291,000 employees located all over the world, PepsiCo is a global powerhouse. The way in which this phishing email was deployed also aids in its success. To evade geographical filters, these emails were sent from several U.S.-based virtual private servers controlled by bad actors. Also, the phishers used a ‘spray and pray’ technique - meaning they sent out large quantities of the email in hopes that a percentage of recipients would fall for the scam and click on the malicious link.”

KnowBe4 enables your workforce to make smarter security decisions every day. Over 65,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.

INKY has the story.

Free Phishing Security Test

Would your users fall for convincing phishing attacks? Take the first step now and find out before bad actors do. Plus, see how you stack up against your peers with phishing Industry Benchmarks. The Phish-prone percentage is usually higher than you expect and is great ammo to get budget.

PST ResultsHere's how it works:

  • Immediately start your test for up to 100 users (no need to talk to anyone)
  • Select from 20+ languages and customize the phishing test template based on your environment
  • Choose the landing page your users see after they click
  • Show users which red flags they missed, or a 404 page
  • Get a PDF emailed to you in 24 hours with your Phish-prone % and charts to share with management
  • See how your organization compares to others in your industry

Go Phishing Now!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

Subscribe To Our Blog

Comprehensive Anti-Phishing Guide

Get the latest about social engineering

Subscribe to CyberheistNews