The Standard

Why you risk starting the New Year broke

By Moses Omusolo | 5yrs ago

You risk starting the New Year broke as cybercriminals target payments process of companies as well as divert money meant for suppliers and employees to their personal accounts.

The new cyber-attack is targeted at African organisations, with local cybersecurity firm Serianu warning that local firms stand exposed to hacking.

This could see more firms and individuals lose their money to the criminals.

The attack comes in the form of an email inbox disguised as a ‘pending payments’ request with an excel sheet attachment and when downloaded, opens the doors of an organisation’s systems to cyber criminals.

According to Serianu, the risk is heightened at this particular time of the month, being end month as well as the year when many companies are processing numerous invoices and payments.

The cybersecurity company in an alert to its clients on Saturday warned of a “new phishing attack spread via a malicious payment.xls document targeting organisations in Africa.”

Critical data

It added that all departments that process payments are targets of the malware, which is capable of compromising and stealing critical data from an organisation’s systems.

“The Pending payments.xls file is a malicious Microsoft Excel application distributed via emails,” warns the company in a statement, adding that the file requires a person to manually run the same before their systems can be compromised.

The firm said it found that the malware has ‘dropper functionality’ - meaning it can download malicious files from the links it stores in advance into a computer.

Meanwhile, in their step-by-step explanation of how an attack happens, the Serianu alert says the first step is that targets receive an email with an attachment dubbed Payments.xls.

 Then, once a person downloads and runs the file, a malicious code with ‘dropper, adware and backdoor’ capabilities is executed.

To avoid risks of the attack, the firm recommends that a person receiving the suspicious mail or document not to click or download the attachment.

Related Topics

Cyber security Serianu Cyber Attack Online Payment Money
.

Latest Stories

Amateurs to battle for KGU's Trans Nzoia Open Championship in Kitale
Amateurs to battle for KGU's Trans Nzoia Open Championship in Kitale
Golf
By Maarufu Mohamed
27 mins ago
Premium Showdown looms after MPs alter key IEBC Bill
Politics
By Josphat Thiong’o
4 hrs ago
Premium Supreme Court rejects Tuju's new evidence in Sh1.9b EADB loan suit
Politics
By Kamau Muthoni
4 hrs ago
.

The Standard Insider

Supreme Court rejects Tuju's new evidence in Sh1.9b EADB loan suit
By Kamau Muthoni 4 hrs ago
Premium Supreme Court rejects Tuju's new evidence in Sh1.9b EADB loan suit
Education Ministry to assess damage to schools ahead of Term 2 opening
By Mike Kihaki 4 hrs ago
Premium Education Ministry to assess damage to schools ahead of Term 2 opening
Showdown looms after MPs alter key IEBC Bill
By Josphat Thiong’o 4 hrs ago
Premium Showdown looms after MPs alter key IEBC Bill
Arrest of two KQ staff by Congo military sparks diplomatic tiff
By Macharia Kamau 4 hrs ago
Premium Arrest of two KQ staff by Congo military sparks diplomatic tiff
.

Digger Classified

DIGGER MOTORS

DIGGER JOBS

DIGGER REAL ESTATE

GET OUR NEWSLETTER

Subscribe to our newsletter and stay updated on the latest developments and special offers!

CONNECT WITH US

FOR THE LATEST JOB ADVERTS

join Digger Classifieds telegram channel
The Standard
© 2024. The Standard Group PLC. All rights reserved