Here’s a thought on how a particular industry sector (Accountants) can be targeted.

On this occasion fewer than 100 accountants in the financial service sector were targeted for there data, using a blend of techniques that took advantage of their daily reliance and familiarity with macros within documents and spreadsheets. A message was socially engineered for the victims, leading them to open the attached Microsoft Excel document and then run the macros.

Once they did this, the macro contacted a website and downloaded an executable that opened a backdoor into the machines to progress the attack through the Kill Chain. A second round of the campaign occurred one day later, with different attributes. (i.e. sender and subject).

6th-januarry