Big businesses are not the only ones suffering from targeted attacks; small-and-mid-size businesses (SMBs) are now also increasingly at risk to these attacks.
This emerging trend is highlighted in Trend Micro's new research report titled "Predator Pain and Limitless: When Cybercrime Turns into Cyberspying".
The report outlines two malwares - Predator Pain and Limitless - which are used by criminals to carry out targeted attacks on SMBs through email addresses commonly listed on websites. These are low hanging fruit for cybercriminals, said the IT security company, as most organisations support these general email addresses.
According to Trend Micro, attackers send their targets deceptive socially engineered emails that infiltrate the network. Through these attacks, threat actors are capable of stealing system information, keystrokes, stored browser-cached account credentials, Instant Message conversations and desktop screenshots.
The attackers are also able to capture webmail accounts and monitor on-going business transactions, allowing them to hijack the transaction to redirect payments to accounts they control, for instance.
Sign up for Computerworld eNewsletters.