Companies going through a merger or acquisition, as well as their lawyers, financial advisers, and other associated firms are all tempting targets for cyberattackers. The attackers use public sources for the first round of information gathering, then spearphishing and malware campaigns against targeted individuals. They are often undetected because many companies still ignore cybersecurity when doing due diligence. The stolen information could be used by foreign governments or business competitors, and the payoff could take years. The risk of attack starts before an official merger announcement is even made, while companies are still in the preparatory stages.”]
Source: https://www.csoonline.com/article/3049402/merging-firms-appealing-targets-for-attackers.html

