Hotel employees should think twice about emails from alleged guests. A pervasive #SocialEngineering campaign is targeting hotels worldwide with password-stealing malware that begins with service complaints or requests for information over email, followed by links to malicious payloads.
The 'complaint'-style messages include accusations of violent incidents or bigoted behavior by hotel staff, as well as claims of lost or stolen items.
'Requests for information' messages involve inquiries about severe allergies, hotel support for business meetings, or accessibility.
Once the hotel responds, the threat actor sends what they came to be supporting documentation — but instead, it's a #malware payload wrapped in a password-protected archive file. The links point to documents on public cloud storage services, which contain a password (usually numeric) that the recipient is prompted to use to open the Zip or Rar archive at the other end of the download link.
While #hospitality staff email security training is essential to stave off these attacks, additional layers of protection mitigate the risk of human error. Sophos #endpoint security products are specifically designed to detect the malware identified in these cases and block attempts to exfiltrate credentials. Learn more: https://bit.ly/3S8tj4Q
Add comment