Anga Com conference in Germany targeted by hackers
Threat actors impersonated a popular conference in Germany for broadband and media distributors.
Anga Com attracts over 22,000 participants from 470 companies. Cybersecurity company Avanan discovered a phishing campaign crafted exclusively for potential conference attendees.
“This con starts with an email purporting to come from Anga Com notifying them that visitors expressed interest in their exhibit during the conference. That’s the ploy. Who wouldn’t want to generate new business?” Avanan explained.
To initiate communication with prospective clients, victims are redirected to a specific platform where they need to sign up.
It is relatively easy for the threat actors to identify potential victims since there’s quite a lot of buzz on social media around conferences like this, with companies and other participants sharing excessive information.
Creating a look-a-like page is something that requires more skill. In this case, hackers relied on Surge.SH - a cloud platform for hosting static websites. While this is a legitimate service, as with many others, threat actors abuse it to foster criminal activity.
“By leveraging the legitimacy of Surge, it allows for the bypassing of security services. Users can spot the plot by seeing that the URL has the Surge domain in it. But even that is potentially tricky. Because Anga Com is in the name of the URL, users might think that Surge is the platform being used to host the leads,” Avanan explained.