A new spear phishing campaign is taking aim at hedge fund managers and private equity
fund advisors. Researchers have discovered emails made to look as though they’d been forwarded among a group of colleagues and claiming to contain information from the New York Stock Exchange about carried interest fees.
“Carried interest is a particular topic of interest to hedge and private equity funds. It literally can be defined as an accounting process required submitting the return income to funds and its tax status is a subject of some debate, explains Spamfighter.com.”
The recipient is encouraged to open the included attachment, which appears to be a PDF file but is really a hidden executable. Once opened it installs a keylogger onto the unsuspecting victim’s computer. The keylogger then sends information about every keystroke to a remote server. Since hedge and private equity fund advisors handle accounts containing very large sums of money, it’s not surprising that phishing scammers are going after them. The days of phishers launching large scale generalized attacks hoping for few profitable “fish” in their nets are dwindling fast. Highly specialized and targeted attacks are their preferred MOs and such attacks are rising fast. Spam carrying malicious payloads is also rising as traditional spam sinks.
Spammers and scammers are after big paydays and have little patience for much else. They know people are becoming more and more educated about traditional spamming and phishing techniques and have been working hard to refine them and create more sophisticated means of attack.