Cyber security news for all

More

    Threat actors target workers with a phishing campaign

    Hackers are “changing with the tide”; as they have uncovered more nefarious manners to extort data from people working from home. Looking for new angles to socially engineer employees working from home under COVID-19 conditions, attackers have devised a new phishing campaign that distributes emails that look as if they were generated by  Private Branch Exchange (PBX).

    PBX incorporates emails of employees and enables them to receive voicemail recordings. The phishing actors have taken advantage of this fact to extort valuable data from employees.

    They create deceitful emails with convincing subject lines with the full intent of deceiving recipients and making them believe they have new messages.

    These subject lines, as well as, the sender name are sometimes customized to incorporate a precise person or company’s name. Thereby cementing the legitimacy.

    Iron scale, a cybersecurity vendor, released a blog post on Thursday concerning the issue. In the blog post, they stated that their researchers detected the malicious activities last month; and at least 100,000 mailboxes from various sectors have been jeopardized.

    In an email interview, an Ironscale spokesperson told SC media; “the attackers are looking to get the recipient to open the malicious attachment to drive to a fake landing page for credential harvesting. The recipient has to enter their O365 login credentials to access the voicemail recording.”

    Due to the absence of a malicious payload in the email, which usually triggers detection, the emails evade the DMARC authentication protocol and easily circumvents security.

    The Vice President of Pre-Sales Engineering/Director Of Engineering – Americas Ian Baxter sheds more light on the threat; “it may seem odd for attackers to create phishing websites spoofing PBX integrations as most voicemails are quite benign in the information shared, however, attackers know that the credentials could be used for multiple other logins, including for websites with valuable PII or business information. In addition, any sensitive information left in the voicemail could potentially be used for a social engineering attack.”

    The hackers have shown that there’s no barrier they can’t break. Whether pre out break or post-outbreak.

    Recent Articles

    Personnel were asked to removed 89 apps which includes Instagram, Facebook, and others by the Indian Army

    Personnel are told by the Indian Army to delete 89 apps from their phones from July 15. This is in a bid to avoid...

    The warning sent to employees about Tiktok app was a mistake says Amazon

    On Friday morning, Amazon sent out a memo to its employees, asking them to uninstall the popular social media app TikTok off their phone....

    Other Android phones sold in the US contains pre-installed malware

    There’s a discovery of Pre-installed malware on another phone by researchers from Malwarebytes; through the lifeline Assistance program for sale in the United States....

    About 15 billion stolen passwords and usernames sold on the dark web.

    A recent finding has shown that about 15 billion passwords and usernames are distributed on the dark web. This compromise will bring about credential...

    Hundreds of multinational companies aimed by Russian BEC Gang

    According to the security firm Agari, there has been a discovery of a newly uncovered Russia-based business email compromise gang; BEC gang that scams...

    Related Stories

    Leave A Reply

    Please enter your comment!
    Please enter your name here

    Stay on op - Ge the daily news in your inbox