The fake pdf attached to the "PURCHASE ORDER 05-30-2023" email contains a link, from which you download a tgz file with a TAR, inside which there is an exe: the malware.
Cybersecurity, ENISA draws up the top cyber threats for EU
ENISA just released the “Threat Landscape 2020” report. It dentifies and evaluates the top cyber threats for the period January 2019-April 2020. Malware is in first place, followed by web-based attack and phishing
The 2020 top 15 threats against european cybersecurity are:
Web Application Attacks
Distributed Denial of Service (DDoS)
Physical Manipulation, Damage, Theft and Loss
They have been identified by ENISA in the “Threat Landscape 2020” (ETL) report. It dentifies and evaluates the top cyber threats for the period January 2019-April 2020. This year’s publication is divided into 22 different reports, available in pdf form and ebook form. The combined report lists the major change from the 2018 threat landscape as the COVID-19-led transformation of the digital environment. During the pandemic, cyber criminals have been seen advancing their capabilities, adapting quickly and targeting relevant victim groups more effectively.
The focal points in the ETL report
According the cybersecurity experts, the ENISA Threat Landscape report highlights important aspects and trends related to the threat landscape:
- There will be a new norm during and after the COVID-19 pandemic that is even more dependent on a secure and reliable cyberspace;
- The number of fake online shopping websites and fraudulent online merchants reportedly has increased during the COVID-19 pandemic. From copycats of popular brands websites to fraudulent services that never deliver the merchandise, the coronavirus revealed weaknesses in the trust model used in online shopping;
- The number of cyberbullying and sextortion incidents also increased with the COVID-19 pandemic. The adoption of mobile technology and subscription to digital platforms makes younger generations more vulnerable to these types of threats;
- Malicious actors are using social media platforms to increase efficiency in targeted attacks;
- Financial reward is still the main motivation behind most cyber attacks;
- Finely targeted and persistent attacks on high-value data, such as intellectual property and state secrets, are being meticulously planned and executed often by state-sponsored actors;
- Massively distributed attacks with a short duration and wide impact are used with multiple aims such as credential theft;
- The number of phishing victims in the EU continues to grow with malicious actors using the COVID-19 theme to lure them in. COVID-19-themed attacks include messages carrying malicious file attachments and messages containing malicious links that redirect users to phishing sites or malware downloads;
- Business Email Compromise (BEC) and COVID-19-themed attacks are being used in cyber-scams resulting in the loss of millions of euros for EU citizens and corporations. European Small and Medium Enterprises (SMEs) have also fallen victim of these threats in a time when many are going through severe financial difficulties due to the loss of revenue;
- Ransomware remains widespread with costly consequences to many EU organisations;
- Many cybersecurity incidents still go unnoticed or take a long time to be detected;
- The number of potential vulnerabilities in a virtual or physical environment continues to expand as a new phase of digital transformation arises (as technology will keep diversifying);
- With more security automation, organisations will invest more in preparedness using CTI as their main capability.