In today’s environment, much of the population are doing their bank or financial transactions online and online banking or wire transfers have become a huge necessity. Recently, we received a phishing email that is targeting PayPal accounts. The email header contains an alarming subject and the From: address is a spoofed PayPal-like domain. The Message-Id is also highly suspicious as it uses web hosting site DreamHost which is not related to PayPal.
Recently, we encountered an interesting phishing webpage that caught our interest because it acts like a chameleon by changing and blending its color based on its environment. In addition, the site adapts its background page and logo depending on user input to trick its victims into giving away their email credentials. We see an email with the “initial” URLs in the example below: Figure 1. The raw phishing email showing the URLs, purporting to be a fax message that needs to be accessed.
Illustration by Derrick Deepak Roy Five worthy reads is a regular column on five noteworthy items we’ve discovered while researching trending and timeless topics. This week, we explore phishing attacks and how they’ve evolved in recent times. Way back in the 1990s, or so the story goes, users unwilling to pay for access to the internet would hunt for others’ login credentials to keep browsing for free.
Since the beginning of 2022, the unfolding geopolitical conflict between Russia and Ukraine has resulted in the discovery of new malware families and related cyberattacks. In January 2022, a new malware named WhisperGate was found corrupting disks and wiping files in Ukrainian organizations. In February 2022, another destructive malware was found in hundreds of computers in Ukraine, named HermeticWiper, along with IsaacWiper and HermeticWizard.
In the age of fake news and fake emails, fake Amazon emails are becoming a major problem. If you’re not careful, these fake messages will cause some serious problems for your company’s reputation.
Spambrella continues to monitor the situation in Ukraine and Eastern Europe closely. At this point, it appears that Russian cyberaggression remains regionally focused on Ukrainian government interests, critical infrastructure, and emergency response in the region.
Phishing remains a problem for everyone and any tool that helps is valuable. This post was prompted by the ongoing usage of our free Phish.ly service that we see every day, as people discover the tool and derive enormous benefit from it. If you want to evaluate a suspicious email right now, you need read no further. Just forward that email immediately to scan@phish.ly to get a response quickly from the service.