Dozens of Fortune 500 companies have been hacked by a group of cyberspies hoping to acquire insider information about those companies and increase financial gain. Among the companies compromised, over two-thirds were in the pharmaceutical and health-care industry. Other industries affected include financial service firms and related sectors such as investment bankers, investor relations, and attorneys, according to slashdot.com.
The hacker group, called Fin4, stole sensitive information from employees of these companies by sending phishing emails and tricking them into entering their credentials into a false log-in page, thus stealing their usernames and passwords.
“Members boast a strong command of the English language and knowledge of corporate finance and Fortune 500 culture,” mentions ArsTechnica, a technology news site.
The hackers plan to use their collected information to improve their odds in the stock market, as all but three of the companies attacked were listed on the New York Stock Exchange or Nasdaq, according to CNN Money.
image from kaboompics.com
The Department of Homeland Security advises individuals and companies to never click on links in emails and never open attachments unless trusted and to never give out personal information over the phone or in an email. Contact companies directly if you receive suspicious emails. Always set secure passwords, pay close attention to website URLs, and keep operating systems, anti-virus, and other software up to date.
According to Ray Wilson, President and CEO of cat-man-du, “Making a network security appliance a part of a business’s network security plan is essential in preventing and early detection of cyber-threats.”