

Dropbox Transfer alerts used for legitimacy

The scammers behind this phishing campaign have found the perfect time to use this tactic since governments all over the globe are currently doing their best to give a helping hand to businesses and citizens dealing with financial issues caused by the COVID-19 pandemic.

Additionally, they are taking advantage of their victims’ hopes for governmental financial aid to get them out of a tough spot, with emails camouflaged as official government correspondence potentially lowering their guard.

These highly targeted phishing attacks have so far delivered emails that, according to numbers from security researchers at email security company Abnormal Security, have landed in the mailboxes of up to 5,000 potential victims. The Microsoft team warned that the scam emails contain two URLs that victims are encouraged to click on.

Business owners with Microsoft Office 365 accounts are targeted in a phishing campaign that uses bait emails designed to look like legitimate Small Business Grants Fund (SGF) relief payment messages from the UK government.

"The emails use a SharePoint lure in the display name as well as in the message, which poses as a 'file share' request for supposed 'Staff Reports', 'Bonuses', 'Pricebooks', and other content, with a link that navigates to the phishing page." It added: "The original sender addresses contain variations of the word 'referral' and use various top-level domains, including the domain comcom, popularly used by phishing campaigns for spoofing and typo-squatting."

Microsoft Security Intelligence tweeted: "An active phishing campaign is using a crafty combination of legitimate-looking original sender email addresses, spoofed display sender addresses that contain the target usernames and domains, and display names that mimic legitimate services to try and slip through email filters." The scam is also said to try and steal Google Cloud logins.
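The sender traits named in the Microsoft warning can be checked on a message's From header before it reaches a user. The following is an added example, not code from Microsoft or Abnormal Security; the function name, the "referral" pattern, the indicator labels and the sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumed patterns, derived only from the wording of the warning quoted above.
REFERRAL = re.compile(r"ref+er+al+")  # "referral" and close misspellings
LURES = ("sharepoint", "file share", "staff reports", "bonuses", "pricebooks")

def check_from_header(raw_message: str, recipient: str) -> list[str]:
    """Return the names of the warning's indicators found in the From header."""
    msg = message_from_string(raw_message)
    display, sender = parseaddr(msg.get("From", ""))
    display, sender, recipient = display.lower(), sender.lower(), recipient.lower()
    rcpt_user, _, rcpt_domain = recipient.partition("@")
    sender_domain = sender.rpartition("@")[2]

    findings = []
    if REFERRAL.search(sender):
        findings.append("referral_in_sender_address")
    # Display name shows the target's own user name or domain, yet the real
    # sender is outside the target's domain.
    if sender_domain != rcpt_domain and (rcpt_user in display or rcpt_domain in display):
        findings.append("display_name_contains_recipient")
    if any(lure in display for lure in LURES):
        findings.append("service_lure_in_display_name")
    return findings

# Constructed sample messages (not real campaign mail).
PHISH = (
    'From: "alice@contoso.example via SharePoint" <no-reply.referral@fileshare.example>\n'
    "To: alice@contoso.example\n"
    "Subject: Staff Reports shared with you\n\nbody\n"
)
BENIGN = (
    'From: "Bob Smith" <bob@contoso.example>\n'
    "To: alice@contoso.example\nSubject: Lunch\n\nbody\n"
)

if __name__ == "__main__":
    for name, raw in (("phish", PHISH), ("benign", BENIGN)):
        print(name, check_from_header(raw, "alice@contoso.example"))
```

A single indicator on its own is weak evidence; the combination of all three on one message is what the warning describes.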
