A recent Symantec report found that 69% Indians connect to the internet with their mobile phones. As usage increases, so do threats. Last year, across the world, mobile malware increased by 58%, and 50% of mobile malware created in 2012 attempted to steal information or track movements, according to the latest Symantec Internet Security Threat Report volume 18.
A statement issued by Symantec said that there was a new threat that carried out social engineering attacks. In April 2013, Symantec was alerted to a series of sophisticated social-engineering attacks. India ranked among the top 10 countries in the world targeted by this new threat. The victim receives a phone call from the attacker who impersonates an employee or business associate, asking them in French to process an invoice received via email. However, the email typically contains a malicious link or an attachment, which is actually a variant of W32.Shadesrat, a Remote Access Trojan (RAT). W32.Shadesrat is used by a variety of attackers of varying skill levels.
The release further added that the victims of these attacks generally tend to be accountants or employees working within the financial department of these organizations. Since handling invoices is something they would do on a regular basis, this lure has the potential to be quite convincing.
The attacker's motivation here is purely financial. Targeting employees who work with company finances likely provides access to sensitive company account information. These employees may also have the authority to facilitate transactions on behalf of the organization; a valuable target if the attacker gains access to secure certificates that are required for online transactions or confidential bank account information.