Skip to main content
Open menu
Resources & insights

Current Phishing Attack Affecting Capital Markets Firms

 

Doherty Associates have identified a large-scale and sophisticated phishing campaign that is specifically targeting firms in the capital markets space, including private equity, venture capital and asset management.

The Situation

  • The attackers, impersonating legitimate services, have been sending emails from subdomains of azurecomm[.]net, a domain which might initially appear trustworthy.
  • They have been creating new subdomains at a rapid pace to bypass security measures.
  • These emails often contain links leading to malicious websites, with casacouturehome[.]com being one such identified site.
  • Notably, many of these phishing attempts are disguised as digital signing requests, a tactic aimed to exploit the routine nature of document signing in your industry.
  • The content of these emails is crafted to appear highly relevant to individuals in your industry, thereby increasing their deceptive potential.
  • A redacted example is shown below – this was an email picked up by our systems.

Doherty Associates’ Guidance

  • Update your cybersecurity systems, including your email security software, to recognise and block this threat.
  • Be proactive in blocking new subdomains as they are created.
  • Increase monitoring of related suspicious activity.
  • Investigate any unusual patterns to ensure immediate response to any threats.
  • Make your teams aware of this threat and remind them of good cyber security habits, especially as this threat develops. In particular they should:
  • Scrutinise emails from unknown senders, especially those prompting urgent action or containing links or attachments.
  • Pay particular attention to the sender’s domain and be wary of any email originating from azurecomm[.]net subdomains.
  • Be particularly vigilant of any of emails that could be masquerading as digital signing requests.
  • Never click on links or download attachments from unknown or suspicious sources.
  • Remind themselves of the protocols for reporting suspicious emails.
  • Conduct a quick review of their recent emails to check for any signs of this campaign.
  • Report any suspect emails to your service desk.

Get in Touch

Doherty Associates provide managed IT and cyber security services to a range of clients across the capital markets space. Please get in touch to see how we can help.

Related content

Resources

Productivity and technology challenges in capital markets 2023

Download

Blogs

The top 7 cyber security risks for private equity firms

Read more

Blogs

Having good tools in place to block attacks is all I need, right? Wrong!

Read more

We’re here to help

If you want to achieve better outcomes for your business through a more intelligent use of technology, talk to us.

Contact us