Kaspersky Reveals Four Cyberattacks On Marketing Department

Cyberattack illustration (Photo: Doc. Kaspersky)

JAKARTA - When attacking the business, usually the cybercriminals will focus on four aspects, namely finance, intellectual property, personal data, and IT infrastructure.

However, according to Kaspersky, cybercriminals usually also target corporate assets managed by public relations and marketing, including emails, advertising platforms, social media channels, and promotion sites.

The following are five cyberattacks that usually occur in marketing departments:

Malvertising

Kaspersky mentions that many cybercriminals are actively using legitimate paid ads. They advertise fake pages from popular apps, fake promos campaigns from well-known brands, and other fraudulent schemes aimed at wide audiences.

In this case, cybercriminals will usually steal login credentials and hack into company advertising accounts, then promote their sites through the account.

Downvoted and unfollowed

In this case, the attacker will break into an employee's personal computer to steal the company's social media network password. Once accessed, the attacker will post a fake ad there.

As a result, if attackers post and promote false offers, the audience can report their complaints directly under the post. In this case, the company will not only suffer financial losses but also a real reputation.

Unscheduled circle

Another effective way for cybercriminals to get free advertisements is to hijack an account with an email service provider.

This access can be exploited in several ways, namely by sending false offers withdrawing to email addresses in the customer database, then secretly replacing links in planned ad emails, or simply by downloading customer databases to then send them phishing emails in other ways.

The side effect of this kind of attack is leakage of customer personal data. As a result, not only is the reputation damaged, but also makes the company subject to fines from data protection regulators.

Fifty shared of website

From a cybercriminal point of view, the goal of hacking websites varies depending on the type of site and business nature of the company. According to Kaspersky, attackers can install a web skimmer on e-commerce sites to steal card details when customers pay for purchases.

In addition, attackers can also create hidden subrings on sites and fill them with malicious content of their choice, which is used for a wide range of criminal activity, be it fake rewards, fake sales, or distributing Trojan software.

The loss experienced by the company due to the hacking of websites was an increase in costs related to the site due to dangerous traffic, a decrease in the number of visitors was actually due to a decline in the ranking of the SEO website, and potential disputes with customers or law enforcement.