Connect with us

Привет, что-то ищете?

The Times On Ru
  1. The Times On RU
  2. /
  3. Бизнес
  4. /
  5. Solar Group: hackers steal data from Russian companies under the ..

Бизнес

Solar Group: hackers steal data from Russian companies under the guise of conducting “information security lessons”

Experts from the Solar AURA Center for External Digital Threats of the Solar Group have identified a fake email on behalf of Russian departments warning about conducting “information security lessons” for employees of Russian companies. However, instead of real information security specialists, attackers contact employees and convince them to hand over confidential data about the company.

Fake letters on behalf of departments are sent to the heads of Russian companies. The attachment contains an electronic document on the letterhead of a non-existent department, which allegedly notifies of plans to hold consultation conversations with company employees on issues of ensuring information security and personal data protection.

According to the “document”, the content of the conversations is confidential and not subject to disclosure, and the head of the organization who received the letter should warn his subordinates about the upcoming call.

After this, the “trained” company employees receive calls, but not from information security specialists, but from attackers. They induce employees to transfer confidential information, including to enter the company’s information infrastructure. Obviously, there are two possible scenarios: the obtained data is sold on the black market or directly used to carry out an attack.

“Previously, we reported on a scheme where the CEO supposedly writes to employees on a Telegram account and warns them about an upcoming call from the FSB, but in this case the “weak link” is the head of the company himself. If he believes the information contained in the letter and personally warns employees about the future conversation, then the attackers’ chances of success will significantly increase. It’s safe to say that we are observing a new round in the development of social engineering, which is becoming more sophisticated each time and arouses less and less suspicion among victims,” explained Igor Sergienko, director of the Solar AURA external digital threat monitoring center of the Solar Group «.

To protect against social engineering, Solar AURA experts recommend following the following rules:

  1. Do not dictate one-time codes or passwords over the phone and do not forward them to anyone.
  2. Do not provide personal information on suspicious and unofficial websites, as well as in conversations with strangers.
  3. When receiving a letter to the organization on behalf of government authorities without an electronic signature, you should contact the records management department of this authority to clarify the accuracy of the information.
  4. Use anti-virus software for additional protection against malware and phishing attacks.
Оставить комментарий

Leave a Reply

Ваш адрес email не будет опубликован. Обязательные поля помечены *

Стоит Посмотреть

Новости По Дате

Июль 2024
Пн Вт Ср Чт Пт Сб Вс
1234567
891011121314
15161718192021
22232425262728
293031  

Вам может быть интересно:

Политика

Арестович: межконтинентальная баллистическая ракета поразила Южмаш Алексей Арестович. Фото: кадр из видео. Бывший советник офиса президента Украины Алексей Арестович* (включен в список террористов и...

Технологии

Подведены итоги международного форума, посвященного долголетию Механизмы старения и пути воздействия на них обсудили участники первого международного форума «Путь долгожителей», собравшего 122 специалиста из...

Бизнес

Официальный курс доллара превысил 107 рублей, такой отметки американская валюта достигла в кризисном марте 2022 года. Эксперты, опрошенные «Коммерсантъ FM», уверены, что это не...

Культура

ZenМОСКВА, 8 декабряПрезидент России Владимир Путин наградил актера Сергея Маковецкого орденом «За заслуги в области культуры и искусства», соответствующий указ размещен на сайте официального...