Holiday Season 2015 Email Campaign

The holiday season is a time when many people go on vacation or at least get much-needed downtime from work, but that is not always the case with attackers. To better understand the threats we face during “the most wonderful time of the year,” FireEye Labs has been collecting data on the most prominent malware families delivered via email campaigns throughout the 2015 holiday season.

Email phishing remains one of the primary infection vectors used by threat actors to deliver malware. Detecting these email campaigns continues to be challenging, as delivery methods and the form of the malware downloaders continue to evolve.


Join us for a free webinar!

FireEye malware researchers Mary Grace Timcang and Robert Venal share key insights on email attack campaigns from various threat groups over the 2015 holiday season.
Tues., Feb. 16 (11 a.m. ET/8 a.m. PT)


In this report you will learn about how Dridex conducted a large-scale attack using new delivery methods in a suspected attempt to obtain new victims following an October takedown, how FareIt continues to be creative in its social engineering techniques to entice targets, and how TeslaCrypt is using scripts that could easily be modified, which makes each sample highly dynamic in its content and techniques. We also detail campaigns involving Nivdort, Nymaim, and UrSnif.

We expect these threats will persist and continue to adapt through new social engineering techniques, delivery methods, and the complexity of attacks.   

As such, it is important for organizations to remain vigilant with user education, proactive detection technologies and security policies.

You can read the report here and learn more about email campaigns that occurred during the 2015 holiday season.

For more information on these threats, we will have a live webinar with FireEye’s Mary Grace Timcang and Robert Vernal. Register here and join us on Tuesday, Feb. 16, at 11 a.m. ET/8 a.m. PT.