A notorious cybercriminal gang is calling customer service of businesses and tricking them into opening malicious e-mail attachments, which will, as a result, install the malware in their system. The hack is meant to steal credit card information of the customers who made the payment. The Carbanak gang, which was alleged of stealing around 1 billion from different banks, is suspected to be the brain behind these hacks. Trustwave security firm has mentioned three of its clients had stumbled upon malware with the similar kind of coding found in prior Carbanak attacks. Trustwave’s global director of incidence response, Brian Hussey mentioned in a comment that the certain campaign has been preying on the hospitality industry.
The calls from the hackers will appear to be a customer calling to troubleshoot a reservation information and a mail will be sent to the service agent containing a word document with their reservation details. This word document is designed as such to download malware. Hussy added that the hackers are very determined and will stay on the line with the representative until they opened the attachments. It will download other malicious tools, which will aid in recording the credit card numbers at the e-commerce payments and point of sale machines. Most of the antivirus software have failed to determine the malware.