SMEs targeted by cyber attacks
In the past few days, the Reporting and Analysis Centre for Information Assurance Melani has received an increasing number of reports from Swiss SMEs who have received suspicious spam e-mails. The reported e-mails apparently originated from alleged business partners and attempted to infect the recipient of the e-mail with an e-banking Trojan, as reported by Melani. In a recently reported case, which concerned a company in Fribourg, a seven-digit amount was stolen using the same Trojan.
In many cases, this is an alleged fax message sent by e-mail. A common subject of such emails is "Fax message has been received" with a file attachment named "FAX_XXXXXXXXXXXX.zip", where X stands for any number. These emails were not sent via spam botnets, as is usually the case, but were actually sent via the sender's account. The malware contained in the zip file steals the victim's address book and then sends itself to the recipients contained therein, such as Melani further emphasized. Since the senders of these e-mails are not fake and, moreover, in many cases are actually business partners of the addressees, there is an increased risk that the latter will open the attachment and become infected with malware.
Melani writes that attackers are increasingly targeting SMEs. This is favored by the fact that many SMEs are insufficiently protected against threats from cyberspace. The problem does not necessarily lie with the SMEs, but often also with the IT service providers commissioned, who in some cases neglect IT security to a great extent. This is exacerbated by the fact that the responsibilities between customer and provider are insufficiently regulated.
