Cybercrooks target finance dept employees in India, US and UK
New Delhi, Feb 7: Cybercriminals are targeting small businesses in India, the UK and the US, sending infected mails to employees responsible for accounts and fund transfers to steal money from affected organisations, security software solutions provider Symantec said.
"Financially-motivated attackers are sending social- engineering e-mails to small and medium businesses (SMBs) in India, the UK and the US in order to deliver Backdoor.Breut and Trojan.Nancrat," Symantec said in a blog.
Attackers have been spreading two families of remote access Trojans (RATs) to small businesses in India (56 per cent), the US (23 per cent) and the UK (21 per cent) since the start of 2015, it added.
The attackers don't focus on specific industries or organisations, working to gain access to whichever business they can, and if they can't compromise a company, they move on to another, Symantec said.
Symantec said the attackers operate with few resources, rely on social engineering rather than exploits, and use two publicly available RATs.
"The campaign has been occurring since at least early 2015. For most of the year, the targets were mainly located in India, while some others were in the US and other regions," it said.
However, activity in India and the US has dropped in the past few months while the number of infections in the UK has increased, Symantec added. The e-mails include archive file attachments, usually with the .zip extensions.
If the user opens the file, their computer is infected and gives the attackers complete control of the victim's computer.
Through these infections, the attackers can access the webcam and microphone, log keystrokes, steal files and passwords.
Symantec said users should be careful while opening attachments or clicking on links in suspicious e-mail messages.
Also, users should avoid providing any personal information while answering an e-mail and never enter personal information in a pop-up web page.
Besides, keep security software up to date and if the user is uncertain about an e-mail's legitimacy, they should contact the internal IT department, Symantec said.
PTI
-
Centre Invokes Essential Commodities Act to Safeguard LPG Supply Amid Middle East Crisis -
What Is 'MalbaPortal'? Delhi Govt Introduces For Construction Debris Tracking To Reduce Illegal Dumping -
Yogi Cabinet Clears Rural Bus Network for 12,200 Villages, Tightens Land Registry and Staff Conduct Rules -
Gold Rate Today 11 March 2026: Fresh IBJA Gold Rates; Tanishq, Malabar, Joyalukkas, Kalyan Jewellery Prices -
Namibian Cheetah Jwala Gives Birth to Five Cubs at Kuno National Park; India’s Count Reaches 53 -
IB Group Promotes Women Empowerment and Nutrition via New CSR Initiatives in India -
Gold Silver Rate Today, 9 March 2026: City-Wise Prices, MCX Gold and Silver Ease Slightly After Rally -
LPG Shortage Forces Pune To Shut Gas-Based Crematoriums Amid West Asia Conflict -
From Snacks to Meals: Match Day Sparks Surge in Food App Orders -
Iran Internet Shutdown Deepens Amid US-Israel War, NetBlocks Reports 240 Hrs Of Nationwide Blackout In 2026 -
Pune Electrician Arrested After Viral Video Shows Him Raising ‘Pakistan Zindabad’ Slogans, Watch -
Hyderabad Gold Silver Rate Today, 9 March 2026: Latest 24K, 22K Gold And Silver Rates In City
Click it and Unblock the Notifications
Sign in with Google