Hackers have broken into at least 12 Australian companies using a sophisticated campaign that compromised an online education provider then impersonated it to gain access to other firms’ systems.
A phishing scam, which often comes in the form of an email, is designed to trick targets by imitating a legitimate company or service. Australian cybersecurity firm CyberCX, which discovered the phishing and impersonation campaign, found at least one hacker had been abusing the online learning platform since March 2021.Katherine Mansted, director of cyber intelligence and public policy at CyberCX, said hackers of all varieties, including criminal groups and nation states, had increasingly exploited trusted names, brands and individuals, particularly from Australia.
“This is an example where that trust is a known brand, and known organisation, [and] is being exploited by, likely, criminals, for their follow-up cybercrime activities.”In the scam, an email from a company’s compromised mailbox would be sent to the online education provider’s platform, where phishing infrastructure was hosted. It would then send out content impersonating the organisation, or pose as a secure file transfer portal.