Go to listing page

Attackers Impersonate Reputed Brands Ahead of Holiday Season

Attackers Impersonate Reputed Brands Ahead of Holiday Season
As people all over the world are getting ready to bag the best holiday season deal, cybercriminals have begun taking advantage of this situation by launching their own shopping specials in the form of phishing campaigns and fake websites. Here’s a look at some of the recent social engineering lures adopted by threat actors to trick online shoppers.

Impersonating brands to lure users

  • Check Point researchers observed a malicious phishing email campaign designed to target users looking for the Black Friday sale.
  • The webmail address spoofed the popular luxury brand, Louis Vuitton, and contained the subject line “Black Friday Sale. Starts at $100. You’ll Fall in Love With Prices.”
  • The recipients visiting the email were persuaded to click on two malicious links that redirected them to fake websites selling counterfeit items at discounted prices.
  • Besides this, cybercriminals are also found mimicking delivery companies, such as DHL, as a lure.
  • Within the first 10 days of November, around 17% of all malicious emails tracked were related to fake orders/deliveries and shipping.
  • Attached to one such email was a malicious URL designed to steal victims’ credentials by claiming that they needed to pay an amount to complete the delivery.

New phishing kit used to prey on victims

  • Akamai security researchers uncovered a massive phishing campaign that preyed on holiday specials. The campaign was primarily targeted at users in North America.
  • Threat actors behind the campaign leveraged a new and sophisticated phishing kit that used a mixture of social engineering lures and evasion detection techniques to target users.
  • The adversaries also used the phishing kit to mimic reputed brands, hosting companies, user profiles, and testimonials.

Other attack trends observed

  • A massive surge in TrojanOrders attacks was also reported ahead of the holiday season.
  • Approximately 38% of Magento 2 and Adobe Commerce websites were compromised in a number of attacks targeting the mail template vulnerability (CVE-2022-24086).
  • After gaining a foothold on the website, the attackers installed a RAT or their own backdoor to establish permanent access and then perform other nefarious activities.
  • Researchers indicate that such attacks are prevalent during the holiday seasons, especially in November, as online merchants are busy with preparations for Black Friday and Cyber Monday sales.

Staying safe

With the holiday season around the corner, it is expected that more of these attacks will emerge in the coming days. Therefore, online shoppers and merchants must stay vigilant. Users should cross-check offers that appear too good to be true by verifying the seller and the website. Instead of following a link sent through an email or text message, users should visit a retailer's website directly by searching on the browser. Additionally, online merchants should scan their websites for overlooked vulnerabilities and patch them immediately to prevent falling victim to attacks.
Cyware Publisher

Publisher

Cyware