Hospitality sector targeted by increasingly advanced phishing attacks

SiliconAngle reports that organizations in the hospitality industry have been subjected to increasingly sophisticated phishing attacks that involved Domain Name System protocol exploitation to evade detection. Attacks that commenced in June employed a two-pronged approach, with threat actors commencing with intrusions with the delivery of phishing lures to hotel staff to facilitate data exfiltration activities before proceeding with compromising hotel customers' online accounts and stealing their credit card information through malware-laced emails, a report from Akamai Technologies revealed. Further analysis of the domains used in the campaign showed threat actors' usage of typosquatting and levelsquatting techniques to establish legitimacy for their targets. Most of the DNS traffic was noted by researchers to have originated from Switzerland, Hong Kong, and Canada, and while the campaign was linked to a Russian threat actor based on the leveraged lures, attackers may have only been using Russian brands Yandex and Sberbank to conceal their origins.