Threat Intelligence, Incident Response, TDR

Foreign attackers email phishy invoices to Mandiant CEO

The head of a firm, which uncovered major findings on China-based espionage efforts, realized he was the target of phishers in the country.

Kevin Mandia, CEO of Alexandria, Va.-based incident response and forensic firm Mandiant, recently shared the details of the ruse to Foreign Policy magazine. In a Monday article, the publication revealed that saboteurs were sending Mandia malicious emails designed to look like invoices from a limo company he frequently used.

“I've been receiving PDF invoices not from them, but from an [advanced hacking] group back in China; that's awesome,” Mandia reportedly said. The CEO discovered something was awry when he began receiving receipts on days he hadn't used the limo service.

Further investigation confirmed Mandia's suspicions – that the emails contained a malicious payload.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.