Security company Sophos has warned organisations to be aware of a growing trend among cybercriminals to target specific groups of organisations and geographical areas when designing ransomware and other malicious cyberattacks – with the charity sector a potential target.
The warning comes after the team at SophosLabs analysed data from millions of endpoints worldwide.
To lure more victims with their attacks, cybercriminals are now crafting customised spam to carry threats using regional vernacular, brands and payment methods for better cultural compatibility, the company says.
Ransomware cleverly disguised as authentic email notifications, complete with counterfeit local logos, is more believable, highly clickable and therefore more financially rewarding to the criminal.
To be as effective as possible, these scam emails now impersonate local postal companies, tax and law enforcement agencies and utility firms, including phony shipping notices, refunds, speeding tickets and electricity bills. SophosLabs has seen a rise in spam where the grammar is more often properly written and perfectly punctuated.
Researchers also saw historic trends of different ransomware strains that targeted specific locations. Versions of CryptoWall predominantly hit victims in the US, UK, Canada, Australia, Germany and France. TorrentLocker attacked primarily the UK, Italy, Australia and Spain. TeslaCrypt honed in on the UK, US, Canada, Singapore and Thailand.
Harder to spot
“You have to look harder to spot fake emails from real ones,” said Chester Wisniewski, senior security advisor at Sophos. “Being aware of the tactics used in your region is becoming an important aspect of security.”
The concept of filtering out specific countries has also emerged as a trend.
“Cybercriminals are programming attacks to avoid certain countries or keyboards with a particular language,” Wisniewski added. “This could be happening for many reasons. Maybe the crooks don’t want attacks anywhere near their launch point to better avoid detection. It could be national pride or perhaps there’s a conspiratorial undertone to create suspicion about a country by omitting it from an attack.”
Funding will help to address critical humanitarian problems around the world
Tech for Good programme invites applications to help more charities achieve social change through technology
Colleagues at Shop Direct have raised £210,000 in just 12 months to support the development of a new digital app for Alder Hey Children’s Hospital
New digital investment service for charities will provide access to the biggest selection of charity-specific investment funds