Other phishing email samples collected were more generic and contained holiday greetings.
The more targeted themes of subsequent emails related to interview requests from news organizations, including the AFP and BBC, as well as invitations to charity dinners. TEMP_Heretic will then send tailored phishing emails containing a malicious link. In total, 74 unique Microsoft Outlook email addresses have been used to send the preliminary emails, which contain generic images and subjects, including invitations, alerts, and airline ticket refunds.Īlso: Silkworm security? Researchers create new authentication method using silk fibers The threat actor will first perform reconnaissance and will use tracker-embedded emails to see if an address was valid and if a target would even open emails in the first place - and if so, the second stage of the attack chain triggers. In a security advisory, Volexity said the campaign, dubbed "Operation EmailThief," was first discovered in December 2021 and is likely the work of Chinese cybercriminals.Īccording to the team, TEMP_Heretic is careful in its selection of potential victims. On February 3, cybersecurity researchers from Volexity, Steven Adair and Thomas Lancaster, said a threat group is exploiting the system tracked as TEMP_Heretic in a series of spear phishing email attacks. According to the developer, the platform supports hundreds of millions of mailboxes located in 140 countries. Zimbra is an email platform available under an open source license.
41 impressive questions to ask in a job interviewĪ roundup of the best software and apps for Windows and Mac computers, as well as iOS and Android devices, to keep yourself safe from malware and viruses.