Change language
Change country

Kyocera Cyber thwarts another phishing campaign

2024 Kyocera Cyber thwarts another elaborate phishing campaign.
Kyocera Cyber thwarts another phishing campaign

In March Kyocera’s cybersecurity team assisted a customer targeted with yet another well organised phishing attack.

We’ve all heard about phishing attempts where an employee receives an email purportedly from the CEO, asking for the transfer of a large sum of money to an unknown account. This straightforward yet suspicious approach usually raises alarm bells and tends to be unsuccessful.

However, in this instance a transfer was seemingly being requested by a senior member of the business. It had an elaborate email chain attached to it between multiple parties within the customer estate. This went into considerable detail about an existing supplier, which had recently featured in the press regarding a takeover. As a result, according to this email, the supplier had new payment requirements. This forms a coherent and quite plausible narrative.

Fortunately, the customer was suspicious and called our cybersecurity professionals in to investigate. The team forensically went through the logs and spotted the slightest error in email address (an “e” missing) and found the email chain had been intercepted by a compromised third party hence making the chain more plausible. The team confirmed that this was a sophisticated phishing attempt, checked that there were no breaches in the customer’s IT estate and ensured no fraudulent financial transactions had occurred. The team took protective actions by scrapping the email chain from the systems to prevent further issue and blocking the suspect domains and IP addresses.

This incident demonstrates the amount of research and personalisation criminals put into making phishing work, to try and fool even the most alert employees into believing something is authentic. It’s surprisingly easy for criminals to craft these “social engineering” narratives, as information like your suppliers, employee names and contact details, and mergers and acquisitions can all be found on your website, through social media and elsewhere on the internet.

Employee training is key to preventing these phishing attempts from being successful. As a managed cybersecurity provider, we provide learning and simulation services to train staff to be on the lookout for even the most sophisticated social engineering attempts, as well as providing the investigation of suspicious activities and defence against active threats.

Learn more about our Cyber Security solutions

  • Managed Endpoint Detection & Response (M-EDR)

    Managed Endpoint Detection & Response (M-EDR)

    M-EDR protects against ransomware, zero-day malware, fileless attacks, phishing and more.

  • Kyocera Managed Disaster Recovery Service - KMDRS

    Our solution encompasses everything a customer needs for data endurance in one package, managed by an established accredited MSP.

  • Kyocera Managed Backup Service

    Builds business resilience for customers, by providing an all-encompassing service which alleviates customers pain points.

Cookies and your privacy

We use essential cookies to make interactions with our website easy and effective, statistical cookies for us to better understand how our website is used and marketing cookies to tailor advertising for you. You can select your cookie preferences using the 'Preferences' button below, or select 'I agree' to continue with all cookies.

Cookie preferences

Field is required

We use cookies to make sure that our website is working properly or, occasionally, to provide a service on your request (such as managing your cookie preferences). These cookies are always active unless you set your browser to block them, which may prevent some parts of the website from working as expected.

Field is required

These cookies allow us to measure and improve the performance of our website.

Field is required

These cookies are only placed in case you give your consent. We use Marketing cookies to follow how you click and visit our websites in order to show you content based on your interests and to show you personalised advertisement. Currently you do not accept these cookies. Please check this box if you would like to.