Threat Management, Malware, Phishing, Threat Management

Hailstorm methods used to spread malware in phishing attacks

Share

Cisco Talos researchers have spotted Hailstorm spam tactics used to evade cyber defenses and spread malware via phishing attacks.

Rather than send large volumes of mail for large periods of time, hailstorm campaigns send larges bursts of spam over very short periods of time, according to a Dec. 19 blog post. The spam is sent via IP addresses located around the world with the intent of flying under the radar with respect to any reputation or volume-based metrics that could be applied by anti-spam systems.

Researchers said that although these types of campaigns are generally more of a nuisance rather than a threat, the spam distributed via the campaigns can result in drive-by downloads, business email compromises, fraud and identity theft.

Most of the earlier campaigns detected were initially used to advertise supposed home-surveillance systems, flashlights, dietary supplements and all sorts of items “as seen on TV” products.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.