New Spear Phishing Campaign Targets 27 Famous Brands With Malicious SLK Files

Stu Sjouwerman | Feb 20, 2020

A new spear phishing campaign is targeting twenty-seven companies around the world with malicious SLK (Symbolic Link) files, according to BleepingComputer. The attackers pose as a real client or vendor of the targeted company, and they do so with relatively convincing branding. They send emails relating to business transactions. These emails contain SLK files, which by default are opened in Microsoft Excel.

If a user opens the file, the document will show an empty Excel spreadsheet with a box saying “Enable Editing and Enable Content to display this document.” If the user clicks the button in Excel to enable content, the SLK file will be allowed to run commands on their computer.

After the button is clicked, the file will execute a series of commands and eventually use Windows Installer to download the NetSupport Manager remote access Trojan to the victim’s computer.

This phishing campaign is targeting companies in a wide variety of industries, including software, chemicals, healthcare, mining, oil and gas, machinery, utilities, transportation, telecommunications, retail, and banking. Some of the companies are very well-known, including JCPenney, Glad, and Hasbro.

BleepingComputer notes that it’s worth taking the time to call someone to verify emailed requests.

“To protect yourself and your corporate networks from targeted phishing attacks like this, it is recommended that you always contact the sender at their corporate number,” BleepingComputer says. “While calling them to confirm just adds another task to a busy schedule, it will also give you peace of mind that the email is legitimate.”

In this case, however, it’s better to just assume that any document that asks you to enable content is malicious. It’s important to note that, in most cases, malicious documents are harmless as long as the user knows not to click the “Enable content” or “Enable editing” buttons. New-school security awareness training can help ensure that your employees know how to avoid falling for these attacks.
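Because the SLK attachments described above are plain text that Excel recognizes by content, a mail gateway can triage them before a user ever sees the "Enable Content" prompt. The following is an added example, not code from this post or from BleepingComputer: it identifies SYLK by its leading `ID` record even when the file is renamed, lists cell expressions, and checks for a Windows Installer reference. The function names, the `pass`/`quarantine`/`block` policy and the sample data are assumptions constructed for illustration.

```python
import re

# "Windows Installer" in the article is msiexec.exe; the match is on that name only.
INSTALLER = re.compile(r"msiexec", re.IGNORECASE)

def split_fields(record):
    """Split one SYLK record on ';', treating ';;' as an escaped literal ';'."""
    parts = record.replace(";;", "\x00").split(";")
    return [p.replace("\x00", ";") for p in parts]

def triage_attachment(name, data):
    """Classify an attachment (bytes) by content, so a renamed .slk is still caught."""
    text = data.decode("latin-1")  # latin-1 maps every byte, so decoding cannot fail
    report = {"name": name, "is_sylk": False, "formulas": [],
              "installer_ref": False, "action": "pass"}
    if not text.startswith("ID;"):  # every SYLK file opens with an ID record
        return report
    report["is_sylk"] = True
    for line in text.splitlines():
        fields = split_fields(line.strip())
        if fields[0] != "C":  # only cell records carry values and expressions
            continue
        cell = {f[0]: f[1:] for f in fields[1:] if f}
        if "E" in cell:  # E field = expression evaluated by the spreadsheet
            report["formulas"].append((cell.get("X"), cell.get("Y"), cell["E"]))
    report["installer_ref"] = bool(INSTALLER.search(text))
    # Assumed policy: SYLK in mail is rare, so hold it; block if it carries logic.
    risky = report["formulas"] or report["installer_ref"]
    report["action"] = "block" if risky else "quarantine"
    return report

# Constructed samples. CONSTRUCTED.FUNC is a made-up name, not a real Excel function.
SUSPICIOUS = (b'ID;PWXL;N;E\r\nC;X1;Y1;K"Invoice;;copy"\r\n'
              b'C;X1;Y2;K0;ECONSTRUCTED.FUNC("msiexec <placeholder>")\r\nE\r\n')
PLAIN = b'ID;PWXL;N;E\r\nC;X1;Y1;K"Total"\r\nC;X2;Y1;K42\r\nE\r\n'
CSV = b"ID,Name\r\n1,Alice\r\n"

if __name__ == "__main__":
    for fname, blob in [("invoice.xls", SUSPICIOUS), ("totals.slk", PLAIN), ("users.csv", CSV)]:
        print(triage_attachment(fname, blob))
```

The first sample is named `invoice.xls` on purpose: the verdict comes from the file's content, so changing the extension does not change the result.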

BleepingComputer has the story: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
