Kaseya seeks perpetrators of fake-invoice malware attack

Emails purporting to be from remote management firm asks recipients for payment for licences

  • Tweet  
  • LinkedIn  
  • Facebook  
  • Google plus  
  • Send to Kindle
  • Send to  
Malware security threat

Kaseya is seeking to identify the people behind a reported malware attack being perpetrated using a fake invoice from the managed services company.

Earlier this week this reporter was one of many people to receive an email (see screenshot below) titled Kaseya Invoice, with the subject line also containing an eight-character customer reference. The message, which was addressed to ‘Accounts Payable', went on to thank the reader for their recent purchase of Kaseya licences, and indicated that an invoice in Word or Excel form was attached.

Related articles

The missive further stated that, if the reader wished to pay via bank transfer, then details were included on the attached invoice. Credit card payment was possible by emailing a given address, said the message, which signed off with a person's name and contact number.

Various security blogs and advice sites have flagged up the emails as a risk, counselling that opening the invoice attachment could see your machine infected with Dridex malware. According to myonlinesecurity.co.uk the emails have been primarily sent to SMBs.

A Kaseya spokesperson told Channelnomics Europe that the remote management firm was "very disappointed" to learn of its name being used in this way, but that such misuse was an occupational hazard of its status as a well-known industry brand.

"It's often the companies who are most successful in their space who are targeted, as those perpetrating these phishing schemes know that using names like Kaseya's are a way to cast a wider net and have higher probability of convincing a recipient to respond," they added.kaseya-email-screenshot

The spokesperson revealed that Kaseya has begun an investigation to identify those responsible for the attempted attack, in the hope of putting a stop the emails. They also spoke to reassure any customers and partners that might harbour concerns.

"We have no indication that these emails are being targeted to anyone in particular and it appears that this phishing scheme is targeted to the internet as a whole and not to Kaseya partners," said the spokesperson. "However, we'd like our community to know that while emails from Kaseya's billing department may include attached invoices, they will always contain a personalised subject line and greeting - typically the contact's name and the name of their company. They will also include the sales order number - if one has been established yet - and will always come from billing@kaseya.com. These are things that recipients should look for.

"We'd also encourage everyone, Kaseya customer or not, to always practice good email hygiene and to enlist the use of good antivirus and antimalware tools to protect themselves from such attacks."

  • Tweet  
  • LinkedIn  
  • Facebook  
  • Google plus  
  • Send to Kindle
  • Send to  

Want more articles like this?

Subscribe to Channelnomics Europe for a daily newsletter roundup direct to your inbox

 
More on Solution Provider
Woman using keyboard and mouse

Microsoft to shake up online partner directory

Vendor email reveals upcoming changes to Pinpoint

Euro-denominated fundraising

Detron ups profits in solid 2015

Firm inches closer to €100m sales mark

suitcase1

Polish start-up Onwelo embarks on European recruitment drive

IT services firm Onwelo aims to secure 2,000 new staff in three years

adviser

Logicalis acquires Spanish analytics consultancy outfit Lantares

CEO claims merger will grow security and IoT offering

Visitor comments
Add comments
blog comments powered by Disqus
In-depth
spain-flag

Reign in Spain

As Esprinet achieves its goal of Spanish market leadership, its co-CEOs tells us what’s next for the distribution giant

nordics

ScanSource Communications looks to build Nordic business

Communications arm of VAD signs deal with Unify to extend products to the Nordics

cyber-security

Securing a future

F5 Networks looks to extend reach into security space

hollywood565

A Hollywood ending for European distribution?

Channelnomics Europe content editor Sam Trendall believes local players will increasingly gain on the big four US broadliners