Check Point warns of a major phishing campaign set up with the help of forged Gmail accounts.
Check Point Research has discovered a phishing campaign that uses fake Gmail accounts and targets users worldwide. The hackers want to use an updated version of the Rhadamanthys Stealer to steal data from their victims. They try to convince them to click on something by sending emails that appear to come from well-known companies. Check Point itself, for example, is mimicked by the criminals.
Copyright violations
In this campaign, victims receive emails that appear to come from legitimate companies and accuse them of copyright infringement on social media platforms, such as Facebook. Through forged Gmail accounts, the cybercriminals send messages capitalizing on the victim’s language and location to increase the credibility of the threat.
read also
Attackers abuse Gmail for large phishing campaign
The campaign targets several industries and countries, including the United States and Europe. Check Point reports that most of the impersonations target companies in the entertainment, media, technology and software sectors. The method of attack, which Check Point calls the CopyRh(ight)adamantys campaign, appears to be primarily aimed at financial gain and does not appear to be tied to any state.
Major impact
Check Point points out the major impact of phishing campaigns. According to recent Febelfin research, in 2023 alone, 40 million euros was captured from Belgian consumers by phishing attacks imitating financial institutions.
Moreover, the potential spoils for attackers are greater than ever. After all, in the context of hybrid working, the separation between professional systems and private IT environments is not always sufficient. Anyone who convinces an employee to install malware via a private message can thus gain access to company data.