Peter Pan and the cybercriminal Zbot

Our news article in June, Two weeks to prepare for cyber attack, warned of the sophisticated and powerful cyber malware attack, Game Over Zeus, which sat silently on computers targeting financial transactions or activating ransomware after encrypting valuable data. Well it seems to have returned under the guise of Peter Pan.

This time Small and Medium sized Businesses (SMB) are being targeted with emails fictitiously confirming their Peter Pan pantomime ticket orders. The email contains a spoofed ‘order confirmation’ attachment crafted to look like a PDF. Instead, the attachment in this case is a Zbot; a malware toolkit which allows cybercriminals to build their own Trojan Horse. This one is thought to contain cryptolocker, ransomware and various other malicious programmes which are capable of stealing your user logon details and social media logons such as Facebook and Twitter. SMBs are being targeted in the belief that their users are often less concerned about opening suspicious emails at work than they would be on their own home computers. A risk that SMBs should work hard to tackle through policy and user education, which will normally form part of an organisation’s Information Security Management Systems (ISMS).

Whilst employees must take responsibility for their adherence to the organisation’s security policies, it is ultimately down to the employer to ensure that they are appropriately trained. Security training for all staff, whether permanent, temporary or a contractor should begin during the induction process, and be followed by regular refresher training and briefings. Educating staff about security will not only help them to recognise possible risks and vulnerabilities but will also assist the organisation in identifying new threats from the feedback they receive from a more alert workforce.

Anyone receiving the Peter Pan pantomime ticket email is advised to delete it immediately. For more information on how Regency can help with reacting to potential malware, training or implementing / refining your ISMS why not explore the Regency website or call us on the number provided.