Hackers targeting RV industry marketing professionals

Listen to this story

By Greg Gerber
Editor, RV Daily Report

For the fourth time in as many weeks, a hacker has been able to gain access to a company’s email system and control the system live by pretending to be the firm’s marketing director.

RV Daily Report received another message today from the marketing director of a well-known RV supplier company.

The subject line is similar to “Follow Up – Acknowledge 2019 Marketing Development Proposal Article” and the message reads:

Good Morning,

Please see below revised Marketing proposal for your review. Kindly CLICK TWICE to review and let me know if you have any questions.

Let me know your thoughts.

Thank you.

The message is signed by the marketing director with an exact copy of the person’s typical email signature, including company logos. The body of the message also includes a link to some type of file.

The Sharepoint link always looks legitimate because it includes the company’s name as well as the name of the person sending the message.

However, people who click on the link risk infecting their computer systems with either a virus or malware.

As in the past, RV Daily Report responded to the message asking if it was legitimate, only to receive a reply a few minutes later. The reply has been similar in every instance. It simply reads:

Yes I sent it here attached, please go ahead and review.

Thank you,

The reply never includes a signature.

However, the fact that a response is sent quickly indicates that the company’s email system has been hijacked and is being controlled live from a remote location.

The problem first surfaced April 23 when the email account for the publisher of a major RV industry news magazine was hacked. It appears that the hacker was able to copy that person’s contact list, which would include email addresses for every marketing professional in the RV industry.

Since then, three more messages have been sent to RV Daily Report, all from marketing directors.

RV Daily Report advises people who receive messages like the one above to follow these steps:

  1. Do not click on any links contained in the message or download any attachments.
  2. Do not respond to the message directly.
  3. Look up online the main telephone number for the company that sent the message.
  4. Call the company directly and report the problem either to the marketing director or to the company’s information technology team.
  5. If possible, do not leave a message, but stress that the IT department needs to be told about the problem immediately.

These types of links and files have been known to install malware or even ransomware that will literally lock up and encrypt a company’s entire computer system until a ransom is paid.

At the very least, after installing malware, the intruder has access to important files, customer lists and other sensitive information.

Greg Gerber

Greg Gerber

A journalist who has covered the recreation vehicle industry since January 2000, Greg Gerber founded RV Daily Report on April Fool's Day in 2009. He also serves as the editor of the publication and website. As an Eagle Scout, he has enjoyed camping for decades and has visited every state except Hawaii. A DODO -- Dad of Daughters Only -- to three young women, he has two grandchildren as well. He currently splits his time between Wisconsin, Texas and Arizona. Greg can be reached at editor@rvdailyreport.com.

Leave a Comment

Get Daily News Delivered

Get Weekly News Delivered

Multi-stage battery
charging with IOTA IQ4
Smart Controller

Recent Posts

Get Daily RV News Delivered

Every day we send a summary of the most important news via email. Make sure you don’t miss anything.