It’s like almost every day threat actors are popping up with new kinds of tactics to monetize their activities. Researchers warned against one such new phishing campaign that is trying to pressurize people into making a rash decision.
Diving into details
- This credential harvesting campaign has been discovered by Cofense and it takes the form of an email about a non-existent suspicious login to their account.
- The emails come from a fake security firm, DNS Online Security, and ask the target to verify their email or get locked out or deactivated.
- The phishing site contains a timer that ticks down from an hour and claims that the target must enter their username and password before the clock strikes zero.
Why this matters
The campaign operators have borrowed this tactic from ransomware gangs. This is a fear tactic that attempts to send victims into a false sense of urgency, ensuring that they follow instructions. Once the victim enters their login credentials, the site either accepts the password or says that the user has entered the wrong password. In either case, the attacker steals the data.
Latest phishing attacks
The following incidents display the rising volumes of sophisticated phishing scams.
- Akamai researchers spotted a phishing campaign targeting PayPal users, attempting to pilfer personal information, including government identification documents. The phishing kit was hosted on valid but hacked WordPress websites, enabling them to evade detection.
- Microsoft uncovered an extensive phishing campaign that leveraged the adversary-in-the-middle tactic. This allowed the attackers to not only steal passwords but also bypass MFA.
The bottom line
This latest phishing campaign underlines the continual innovation in the cybercrime landscape. Phishers have even resorted to borrowing tactics from ransomware groups. Using MFA can help protect accounts but make sure not to panic and actually check emails received from unknown sources.
Publisher
/https://cyware-ent.s3.amazonaws.com/image_bank/9832_shutterstock_1710486247.jpg)
/https://cyware-ent.s3.amazonaws.com/image_bank/88e6_shutterstock_721814395.jpg)
