Skip to main content

Customer complaint phishing campaign targets corporate networks

(Image credit: Photo Credit: andriano.cz/Shutterstock)

Researchers have identified a new phishing scam, which lures victims into installing malware using fake customer complaint queries.

According to Bleeping Computer,  employees of various companies have received emails from their supposed corporate lawyer, containing a malicious PDF attachment disguised as a customer complaint.

Clicking on the link brings the user to a page containing an executable file: Preview.PDF.exe.

Upon download, the executable file injects itself into the legitimate C:\Windows\system32\svchost.exe folder and connects to the hacker's remote command & control server, sending data and receiving further instructions.

Researchers claim the malware being installed is Cobalt Strike, which provides attackers “full access to the victim's computer and can use it to compromise the rest of the network to install ransomware or steal data to be used for extortion.”

Employees are advised to remain vigilant and exercise caution when clicking on email links and downloading files, regardless of the file extension.

Sead Fadilpašić

Sead is a freelance journalist with more than 15 years of experience in writing various types of content, from blogs, whitepapers, and reviews to ebooks, and many more, across sites including Al Jazeera Balkans, TechRadar Pro, IT Pro Portal, and CryptoNews.