Don’t Go Phishing for a New Form 10-K


The Securities and Exchange Commission posted an announcement this week warning EDGAR filers about a phishing scheme aimed at compromising corporate networks and obtaining nonpublic information.

The malicious emails, which purport to be from the Commission, contain information about changes to Form 10-K along with malicious attachments, which, if opened, can result in malware being downloaded to the recipient’s network.

The SEC has not, of course, made any recent changes to Form 10-K and warns recipients of these emails to delete them right away.

Cybersecurity company FireEye posted a blog post this week with additional information about the scam, which FireEye detected in late February. According to FireEye:

All of the observed intended recipients of the spear phishing campaign appeared to be involved with SEC filings for their respective organizations. Many of the recipients were even listed in their company’s SEC filings. The sender email address was spoofed as EDGAR and the attachment was named “Important_Changes_to_Form10_K.doc” (MD5: d04b6410dddee19adec75f597c52e386).

FireEye has, thus far, identified 11 targeted organizations across six sectors, covering financial services, transportation, retail, education, IT services and electronics. According to FireEye, all of the “organizations are based in the United States, and many have international presences.”

Bottom line? If you receive an email that claims to have information about changes to Form 10-K, don’t open it and certainly don’t click on any attachments!