With terrorism dominating the news, hackers are trying to exploit the fears of people in the Middle East and Canada by posing as Dubai law enforcement to spread malware.
Warning of terror attacks, emails sent by the hackers promise tips on how to stay safe. They include two attachments, one a harmless PDF file and the other a remote access Trojan (RAT), a tool often used to infect a computer and steal sensitive information.
They are being sent from email addresses spoofing those of a United Arab Emirates law enforcement agency, often the Dubai Police Force, according to a recent report from Symantec.
So far, the targets have mostly been companies and individuals in the Middle East and Canada connected to the energy, defense and finance industries, among entities. The hackers, according to Symantec, are "expanding their reach and we may see new email models targeting additional countries."
The emails are made somewhat believable by including the target's name in the subject line and the faked signature of a real top Dubai law enforcement official.
"With recent events such as those witnessed in Paris and Beirut just last week, terrorist attacks have become a threat across the world, and terror groups have been known to make their presence felt online too," Lionel Payet, a threat intelligence officer at Symantec Security Response, wrote on the company's blog. "We may yet see more of these kinds of social engineering tactics preying on real-world fears."