Cybersecurity Alert: Personnel Involved in SEC Filings Targeted by Spear Phishing Attack

March 8, 2017

A spear phishing campaign targeting individuals involved in regulatory filings with the U.S. Securities and Exchange Commission ("SEC") was identified in late February 2017. The spear phishing emails have a spoofed sender of "EDGAR <filings@sec.gov>" and carry an attachment named "Important_Changes_to_Form10_K.doc". The attachment contains a malicious VBS script that installs a PowerShell backdoor, which can be used to steal sensitive information from the infected machine.

For more information, see https://www.fireeye.com/blog/threat-research/2017/03/fin7_spear_phishing.html
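
The two indicators named above, the spoofed sender address and the attachment file name, can be checked against stored or quarantined mail. The Python code below is an added example, not part of the original alert or the linked report; the function names and sample messages are constructed, and it assumes the receiving mail gateway stamps its own Authentication-Results header with a DMARC verdict.

```python
import email
from email import policy
from email.message import EmailMessage
from email.utils import parseaddr

# Indicators quoted in the alert.
SPOOFED_FROM = "filings@sec.gov"
LURE_ATTACHMENT = "important_changes_to_form10_k.doc"

def triage(raw_bytes):
    """Return the reasons a raw RFC 5322 message matches the alert's indicators."""
    msg = email.message_from_bytes(raw_bytes, policy=policy.default)
    reasons = []
    _, from_addr = parseaddr(str(msg.get("From", "")))
    if from_addr.lower() == SPOOFED_FROM:
        # Assumption: the receiving gateway stamps its own Authentication-Results
        # header (RFC 8601) and strips any supplied by the sender.
        auth = " ".join(str(v) for v in msg.get_all("Authentication-Results", []))
        if "dmarc=pass" not in auth.lower():
            reasons.append("From is filings@sec.gov without a passing DMARC result")
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").strip().lower()
        if name == LURE_ATTACHMENT:
            reasons.append("attachment name matches the lure in the alert")
    return reasons

def build_sample(from_hdr, attachment=None, auth=None):
    """Build a constructed test message; no real mail or payload is involved."""
    m = EmailMessage()
    m["From"] = from_hdr
    m["To"] = "filer@example.com"
    m["Subject"] = "constructed sample"
    if auth:
        m["Authentication-Results"] = auth
    m.set_content("constructed body")
    if attachment:
        m.add_attachment(b"placeholder bytes", maintype="application",
                         subtype="msword", filename=attachment)
    return m.as_bytes()

if __name__ == "__main__":
    spoofed = build_sample("EDGAR <filings@sec.gov>", "Important_Changes_to_Form10_K.doc",
                           "mx.example.com; dmarc=fail header.from=sec.gov")
    for reason in triage(spoofed):
        print("FLAG:", reason)
```

A message from the genuine address that carries a passing DMARC result and no matching attachment returns an empty list, so the check does not flag authenticated SEC mail.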

ACA Aponix Guidance

ACA Aponix recommends taking the following precautionary measures to prevent malware infections via spear phishing emails:

  • Warn your staff about this attack and train them to identify and prevent phishing and spear-phishing attacks;
  • Do not open attachments included in unsolicited emails;
  • Check links contained in emails by hovering over them before clicking; and
  • Make sure antivirus and anti-spyware software is up-to-date.

If you have any questions, please contact your ACA Aponix consultant or email us at info@acaaponix.com.