Open menu
Resources & insights

Current Phishing Attack Affecting Capital Markets Firms

Doherty Associates have identified a large-scale and sophisticated phishing campaign that is specifically targeting firms in the capital markets space, including private equity, venture capital and asset management.

The Situation

  • The attackers, impersonating legitimate services, have been sending emails from subdomains of azurecomm[.]net, a domain which might initially appear trustworthy.
  • They have been creating new subdomains at a rapid pace to bypass security measures.
  • These emails often contain links leading to malicious websites, with casacouturehome[.]com being one such identified site.
  • Notably, many of these phishing attempts are disguised as digital signing requests, a tactic aimed to exploit the routine nature of document signing in your industry.
  • The content of these emails is crafted to appear highly relevant to individuals in your industry, thereby increasing their deceptive potential.
  • A redacted example is shown below – this was an email picked up by our systems.

Doherty Associates’ Guidance

  • Update your cybersecurity systems, including your email security software, to recognise and block this threat.
  • Be proactive in blocking new subdomains as they are created.
  • Increase monitoring of related suspicious activity.
  • Investigate any unusual patterns to ensure immediate response to any threats.
  • Make your teams aware of this threat and remind them of good cyber security habits, especially as this threat develops. In particular they should:
  • Scrutinise emails from unknown senders, especially those prompting urgent action or containing links or attachments.
  • Pay particular attention to the sender’s domain and be wary of any email originating from azurecomm[.]net subdomains.
  • Be particularly vigilant of any of emails that could be masquerading as digital signing requests.
  • Never click on links or download attachments from unknown or suspicious sources.
  • Remind themselves of the protocols for reporting suspicious emails.
  • Conduct a quick review of their recent emails to check for any signs of this campaign.
  • Report any suspect emails to your service desk.

Get in Touch

Doherty Associates provide managed IT and cyber security services to a range of clients across the capital markets space. Please get in touch to see how we can help.

Topics: Cyber security

Written by: Alex Bransome

Posted: 04 January 2024

Related posts

Resources

Productivity and technology challenges in capital markets 2023

Download

Blogs

The top 7 cyber security risks for private equity firms

Read more

Blogs

Having good tools in place to block attacks is all I need, right? Wrong!

Read more
Back to resources & insights

We’re here to help

If you want to achieve better outcomes for your business through a more intelligent use of technology, talk to us.

Contact us