What is the issue - Doctor Web analysts observed a phishing scheme where cybercriminals are using international companies’ official newsletter subscription forms to trick victims into making payments to attackers’ bank account.
Worth noting - This phishing scheme targets Russian users with a message written in Russian that states ‘Money for you’.
The big picture
Attackers are sending phishing emails that come from official email addresses from international companies such as Audi, Austrian Airlines, and S-Bahn Berlin to Russian users.
The bottom line - Victims do not receive any prize money even after paying the commission. These are mere phishing scams that steal payment card data and money from victims.
“What’s interesting is how the hackers send the phishing emails. They use official email newsletter signup forms on company websites. Special symbols are allowed in the forms, so it’s possible to send malicious links via official company newsletters,” researchers said in a blog.
Publisher