Upon receiving their authentication credentials, the scam informed its victim that it would redirect them to the website. Instead, the ruse sent them to a 404 error message and redirected them to a URL that included the malicious actors’ domain name followed by the victim’s domain name.
This scam email wasn’t the only attack campaign that leveraged interesting lures between March and June. At the end of June 2020, Cofense discovered a phishing scam with attack emails that used the subject line “Fraud Detection from Message Center.” The compromised email accounts that sent them belonged to a school district. Those emails warned the recipients that a security team had detected suspicious activity on their bank accounts. In actuality, the attack emails arrived with a .ICS calendar attachment that included a link hosted on SharePoint. This link ultimately redirected a user to a phishing site hosted on Google designed to steal banking data.
A few days later, Group-IB came across a multi-stage attack campaign that began with a text message. The message claimed the sender was a recognized media outlet. It also contained a shortened link that redirected people to a fake blog post from that same media organization. Those pages used fake celebrity endorsements to trick the target into clicking anywhere on the page. If the user clicked, the page redirected them to a website hosting a bitcoin investment scam.
These attacks highlight the need for organizations to defend against attack campaigns that use unusual lures. Organizations should invest in a security awareness campaign that educates the workforce about social engineering techniques. That campaign should cover the tactics that phishing and other attack operations use to trick their victims. Organizations also should develop training modules to teach users what to avoid, including clicking on embedded links within emails and unsolicited text messages or opening email attachments from unknown sources. Finally, they should consider using email banners to warn recipients when an incoming message originates from an external source.
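As an added illustration (not code from the original article or from any vendor it names), the sketch below shows how a mail filter could produce the external-sender banner recommended above and also surface links hidden in a .ICS calendar attachment like the one used in the bank-fraud lure. The internal domain list, function names and the sample message are assumptions constructed for the example.

```python
import re
from email.message import EmailMessage
from email.utils import parseaddr
from urllib.parse import urlsplit

INTERNAL_DOMAINS = {"example.org"}  # assumption: the organization's own mail domains
URL_RE = re.compile(r"https?://[^\s<>\"]+", re.I)

def unfold_ics(text):
    """RFC 5545 folding: a line starting with a space or tab continues the previous one."""
    return re.sub(r"\r?\n[ \t]", "", text)

def triage(msg):
    """Build banner lines for a message parsed with email.policy.default."""
    domain = parseaddr(str(msg["From"]))[1].rpartition("@")[2].lower()
    external = domain not in INTERNAL_DOMAINS
    links = []
    for part in msg.walk():
        name = (part.get_filename() or "").lower()
        if part.get_content_type() == "text/calendar" or name.endswith(".ics"):
            body = part.get_content()
            if isinstance(body, bytes):  # .ics sent as a generic binary attachment
                body = body.decode("utf-8", "replace")
            links += URL_RE.findall(unfold_ics(body))
    banners = []
    if external:
        banners.append(f"[EXTERNAL] Sender domain {domain} is outside the organization.")
    if links:
        # The lure's link sat on a well-known hosting service, so report the
        # presence of calendar links instead of relying on host reputation.
        hosts = sorted({urlsplit(u).hostname for u in links})
        banners.append("Calendar attachment contains links to: " + ", ".join(hosts))
    return {"external": external, "ics_links": links, "banners": banners}

def build_sample():
    """Constructed message modelled on the calendar-attachment lure described above."""
    msg = EmailMessage()
    msg["From"] = "Message Center <alerts@district.example>"
    msg["To"] = "user@example.org"
    msg["Subject"] = "Fraud Detection from Message Center"
    msg.set_content("Suspicious activity was detected. See the attached invite.")
    ics = ("BEGIN:VCALENDAR\r\nBEGIN:VEVENT\r\nSUMMARY:Review account activity\r\n"
           "DESCRIPTION:Open https://files.example.net/sites/doc\r\n /review?id=1\r\n"
           "END:VEVENT\r\nEND:VCALENDAR\r\n")
    msg.add_attachment(ics, subtype="calendar", filename="invite.ics")
    return msg

if __name__ == "__main__":
    print("\n".join(triage(build_sample())["banners"]))
```

The link in the sample is split across a folded line, which is why the calendar text is unfolded before the URL search; a scan of the raw attachment would report a truncated URL.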
Malicious actors are always adding new tactics to their arsenal. Acknowledging these scams and regularly testing employees will help keep the team familiar with emerging attack techniques.