DanaBot Riding Fake MYOB Invoice Emails
(Jul 16, 2018)
Recommendation: Financially themed phishing emails are a common tactic among threat actors, therefore, it is crucial that your employees are aware of their financial institution’s policies regarding electron communication. If a user is concerned due to the scare tactics often used in such emails, they should contact their financial institution via legitimate email or another form of communication. Requests to open a document in a sense of urgency and poor grammar are often indicative of malspam or phishing attacks. Said emails should be properly avoided and reported to the appropriate personnel.
Indicators of Compromise (IOCs) associated with this story can be viewed by ThreatStream users here to identify potential malicious activity.