India major target as cyber criminals now think global, act local

According to security vendor Sophos, cybercriminals are now crafting customized spam to carry threats using regional vernacular, brands and payment methods for better cultural compatibility.

There is a growing trend among cybercriminals to target and even filter out specific countries when designing ransomware and other malicious cyberattacks, and India is on top of the hit list, according to a new research from network and endpoint security vendor Sophos. This news comes in the wake of a Symantec blog revealing that a China-based cyber espionage group has been attacking Indian companies for a long time.

To lure more victims with their attacks, cybercriminals are now crafting customized spam to carry threats using regional vernacular, brands and payment methods for better cultural compatibility, according to Sophos. Ransomware cleverly disguised as authentic email notifications, complete with counterfeit local logos, is more believable, highly clickable and therefore more financially rewarding to the criminal. To be as effective as possible, these scam emails now impersonate local postal companies, tax and law enforcement agencies and utility firms, including phony shipping notices, refunds, speeding tickets and electricity bills. SophosLabs says it has seen a rise in spam where the grammar is more often properly written and perfectly punctuated.

Sophos researchers also saw historic trends of different ransomware strains that targeted specific locations. Versions of CryptoWall predominantly hit victims in the U.S., U.K., Canada, Australia, Germany and France, TorrentLocker attacked primarily the U.K., Italy, Australia and Spain and TeslaCrypt honed in on the U.K., U.S., Canada, Singapore and Thailand.

The analysis also shows Threat Exposure Rates (TER) for countries during the first three months of 2016. Although Western economies are more highly targeted, they typically have a lower TER. TER data represents malware infections and attacks per 1,000 Sophos endpoints in each country from 1 Jan 2016 to 8 April 2016.

India, with a TER rate of 16.9% tops the table of major countries. Countries like Algeria and Pakistan have higher TER than India.

The research includes information from millions of endpoints worldwide and is analyzed by the team at SophosLabs.

Air Zoom Pegasus 35


Add new comment