Tag: Phishing

Don’t Get Caught in a SMiShing Scam

The word ‘SMiShing’ may sound like gibberish — we think it’s a weird one — but some of the world’s largest enterprises are losing millions of dollars to these scams every year. Similar to phishing, the fraudulent act of sending imitation emails claiming to be a corporation in order to obtain personal information from customers, SMiShing uses SMS (short message service) to achieve the same outcome.

Scammers are taking to SMS to prey on people’s trust, panic or sense of urgency. These messages are disguised as a warning from your bank about an unauthorized charge or an alert about an unidentified user accessing one of your accounts. The goal? To lure you into providing account information  by tapping on a link and entering your information into a look-alike website.

Read more about SMiShing scams and learn how to avoid them on Tripwire.

Beware of American Express Emails With Attached Phishing Form

A phishing campaign is underway that pretends to be from American Express and states that there is a security issue with your credit card. It then prompts you to open an attached HTML phishing form that will send the inputted information back to the scammers.

Numerous variants have been sent since October 2018.  All of these variants utilize the same theme of there being a security review of your credit card that found issues that require you to send your information through an attached form and create a new online account. These emails are being sent out from mail domains that are based off of the “American Express” keyword such as AmExpress@amnex.com, AmericanExpress@ampress.com, and AmericanExpress@aemail.com.

Read more about the phishing campaign on BleepingComputer.

FTC Warns of Netflix Phishing Scam Making Rounds

The Federal Trade Commission (FTC) is warning of a new phishing scam reeling in Netflix customers and stealing their payment information. The spotted scam purports to be an email from Netflix.

“Police in Ohio shared a screenshot of a phishing email designed to steal personal information,” said Colleen Tressler, consumer education specialist with the FTC in a post. “The email claims the user’s account is on hold because Netflix is ‘having some trouble with your current billing information’ and invites the user to click on a link to update their payment method.” In reality, the bad actors who sent the email are pocketing that payment information.

Read more about the new Netflix phishing scam on Threatpost.

Info on Over 500,000 Students and Staff Exposed in San Diego School District Hack

Personal information belonging to over half a million students going back the 2008-2009 school year, parents, and staff members of San Diego Unified School District (SDUSD) may have been compromised in a data breach incident. An unauthorized person baited the staff with phishing emails to collect credentials to log into the district’s network services.

The data breach exposed personally identifiable details of student and selected staff, including names, dates of birth, mailing and home addresses, telephone numbers, social security numbers and/or state student ID numbers.

Read more about the SDUSD data breach on BleepingComputer.

Office 365, Outlook Credentials Most Targeted by Phishing Kits

Phishing attacks have become more targeted and sophisticated and also show a focus on enterprises, cloud-based Internet security services provider Cyren says. After analyzing 2,025 phishing kits during the second half of the year, Cyren’s security researchers were able to identify not only the most used phishing kits, but also key trends in the phishing industry.

In recent years, the malware industry as a whole has welcomed less skilled actors through the emergence of various malware-as-a-service business models. The proliferation of such services has driven the number of malicious attacks upwards, and the trend is expected to continue.

Read more about the findings of the Cyren report on SecurityWeek.

Fake Amazon Order Confirmations Push Banking Trojans on Holiday Shoppers

Phishing and malspam campaigns are in high gear for the holidays and a new campaign pretending to be an Amazon order confirmation is particularly dangerous as people shop for holiday gifts.

In a new malspam campaign discovered by email security company EdgeWave, attackers are sending email disguised as very convincing Amazon order confirmations. These fake order confirmations come with a malicious Word document that delivers the Emotet banking Trojan if the user opens the document and enables the content.

Read more about the dangerous attack campaign on BleepingComputer.

Widespread Apple ID Phishing Attack Pretends to be App Store Receipts

A widespread and sneaky phishing campaign is underway that pretends to be a purchase confirmation from the Apple App store. These emails contain a PDF attachment that pretends to be a receipt for an app that was purchased by your account for $30 USD and tells you to click a link if the transaction was unauthorized. Once a user clicks the link, down the rabbit hole they go.

There is nothing in the email telling victims to open the attachment. Instead the attackers are relying on the victim saying “What the… ? I didn’t purchase an app” and opening the PDF to see what’s going on.

Read more about this clever phishing campaign on BleepingComputer.

Cybercrime gangs continue to innovate to hide their crimes

According to the APWG’s new Phishing Activity Trends Report, after spiking in the spring, phishing has been taking place at a steady pace — but phishers are using new techniques to carry out their attacks – and obfuscate their origins – to make the most of every phishing campaign.

The total number of phish detected by APWG in Q3 2018 was 151,014. This was down from 233,040 in Q2 and 263,538 in Q1. There was an unusual rash of phishing in the spring of 2018, and the amount of phishing in Q3 was a return to the kind of levels seen through 2017.

Read more about the findings of the new APWG report on Help Net Security.

Russia-Linked Phishing Attacks Hit Government Agencies on Four Continents

A recent campaign attributed to the Russian cyber-espionage group Sofacy hit government agencies in four continents in an attempt to infect them with malware, Palo Alto Networks security researchers say.

Also known as APT28, Fancy Bear, Pawn Storm, Sednit and Strontium, the Russian state-sponsored hacking group has been focusing on Ukraine and NATO countries in recent years, and the new attacks are no different. The actor is also believed to have targeted the 2016 presidential election in the United States. Palo Alto Networks has shared new information on the latest campaign, which was carried out from mid-October through mid-November.

Read more about the latest campaign by Sofacy on SecurityWeek.

Volkswagen Giveaway Scam Peddles Ad Networks

A fake Volkswagen campaign is making its way across social media platforms, luring in victims with promises of a free Volkswagen car giveaway – but instead redirecting them to third-party ad servers.

Victims are first sent messages via WhatsApp or Facebook, purporting to be from Volkswagen and claiming it will give away up 20 free cars until the end of the year, researchers with Sucuri said. Targets of the scam are instructed to participate in the contest by clicking a link embedded in the message. However, the link attached to the messages sent via social media does not appear to collect personal information – but instead tries to re-direct victims to various advertising networks.

Read more about the Volkswagen scam campaign on Threatpost.