ENOC

A significant BEC fraud that targets Middle Eastern-based businesses and people has been discovered.

The effort has grown to include a new group of phishing domains that were created using the same name patterns as a prior campaign that was detected in July.

The collection of phishing websites uses several forms of baits, including phoney employment offers, investment possibilities, vendor registration, and contract bidding, to target contractors in the UAE.

Ninety percent of the 35 phishing domains examined target the Emirates National Oil Company, Sharjah National Oil Corporation, and Abu Dhabi National Oil Company (ADNOC) (ENOC).

In order to deceive users, some domains have simply an email server (often provided by Zoho) active, some have duplicated the content of reputable companies, and some domains reroute to reputable domains.

Threat actors behind this campaign are deliberately purchasing and registering domains with keywords that are similar to those of domains belonging to real businesses.

The campaign also makes use of pre-stored static web pages with comparable templates to make it resistant to takedowns.

If a domain is banned, these templates are uploaded to another domain.

Source: https://cyware.com/news/advanced-phishing-campaign-targets-the-uae-organizations-fea9a469

"id": "ENO223731222",
"linkid": "enoc",
"type": "Cyber Attack",
"date": "12/2022",
"severity": "100",
"impact": "6",
"explanation": "Attack threatening the economy of a geographical region"