Targeted phishing emails get more personal

New investigations find that Phishing schemes have gotten even more diabolical. The email scam campaigns use personal information to appear authentic, which leads victims to divulge information and open infected links. TLDR: If you didn't ask for it, don't click on it.

According to the Proofpoint Blog - 

Additionally, TA530 customizes the email to each target by specifying the target’s name, job title, phone number, and company name in the email body, subject, and attachment names. On several occasions, we verified that these details are correct for the intended victim. While we do not know for sure the source of these details, they frequently appear on public websites, such as LinkedIn or the company’s own website. The customization doesn’t end with the lure; the malware used in the campaigns is also targeted by region and vertical.

In one email targeting a retail company, the attacker attempted to infect a manager. In that particular message, the actor used the target's name, phone number, and the company they work for to “report” an incident at one of the retail locations using the actual address of that location. If the target were to open the attachment, it contained a malicious Word document that would infect the entire company's computer network.