FIN7.5: The Infamous Cybercrime Rig "FIN7" Continues Its Activities (May 8, 2019)
Recommendation: Defense-in-depth (layering of security mechanisms, redundancy, fail-safe defence processes) is the best way to ensure safety from sophisticated threat groups, including a focus on both network and host-based security. Prevention and detection capabilities should also be in place. Furthermore, all employees should be educated on the risks of spear phishing and how to identify such attempts.
Indicators of Compromise (IOCs) associated with this story can be viewed by ThreatStream users here to identify potential malicious activity.