Three New Dangerous Phishing Attacks You Need to Be Aware Of

Three New Dangerous Phishing Attacks You Need to Be Aware Of

Phishing Attacks remains one of the most lucrative ploys of hackers. That’s why 94% of malware is delivered via phishing emails and approximately 64% of all businesses have experienced a phishing attack within the last 12 months.

One of the dangers of phishing is that it’s always morphing. And scammers are always trying new tactics to fool users into downloading code or revealing login credentials.

The results can be a devastating data breach that bypasses IT security or the theft of financial account credentials through a fake login form.

One of the most important defenses against phishing attacks is user awareness. This means that employees not only need to know best practices for spotting phishing emails.

But also the new types of phishing scams coming their way, so they’ll be better able to spot them in the midst of a busy day.

For example, earlier this year coronavirus phishing attacks starting flooding inboxes with scams, taking advantage of the confusion surrounding the pandemic. 

There are three new phishing attacks that you need to be aware of. They exploit relationships people may have with PayPal and Netflix, as well as use a new tactic to steal any file attachments in your email.

We’ll break down each below as well as review best practices for phishing safety.

PayPal Phishing Scams

A new round of PayPal fishing scams has been circulating recently. These can be particularly dangerous because PayPal is typically directly connected to the user’s bank account or debit card. So, if a crook can access your account, they can steal from you directly.

These phishing scams usually use a sense of urgency or scare tactics. Such as “Click here to confirm your email, or your account will be locked.” They’ll also use the lure of a new feature that you “have to act on now.”

The emails will typically take people to a spoofed PayPal login page that looks like the real thing but is designed to instantly steal and exploit their credentials before they have a chance to change their password.

Some commonalities with these new PayPal phishing scams include:

  • They are typically sent from the email: Secure(at)intl-limited(dot)com, or a variation 
  • They may make claims that your account is limited or being restricted or that there has been “unusual activity” on your account

You can see some examples at Malwarebytes.

Netflix Payment Phishing Scams

The popularity of Netflix has made the brand a popular spoofing target for phishing scammers. 

In these scams, people will receive an email that may spoof the Netflix logo and signature and states that your monthly Netflix payment has failed.

There will be a link in the email that takes a person to a spoofed login page and asks them to re-enter their credit card details.

Scammers are masters at duplicating the look of a legitimate company’s email, even spoofing the Netflix customer support email address. 

People that look closely when they get to the login page will notice a difference in the domain address, even though the page appears as if it’s a Netflix site.

Unfortunately, this ploy has been a successful way for criminals to steal credit card numbers, which means they’re just going to keep on using it and variations of it.

Phishing Scams Using a New Email Attachment Stealer

A large botnet recently began deploying a new dangerous type of malware designed to seek out and steal any email attachments sitting in person’s inbox, mail folders, or sent folder.

The phishing scam often uses fake invoices and manifests to get people to open a malware infected document.

The specific exploit is called a QakBot payload and it includes the ProLock ransomware strain. Plus this new malware designed to steal email file attachments.

Related: Using Multi-Factor Authentication to Prevent Data Breaches

Once the infected document is opened, the malware is released and scans the user’s email folders for any email attachments. These are then stolen and recycled into future phishing email attachments.

By using a legitimate document, especially one that someone in your organization may recognize. A phishing scammer has a much better chance that the user will open the attachment.

Phishing attackers can easily get lists of entire organizations on sites like LinkedIn or elsewhere. They then can deploy a targeted spear phishing attack within that organization using a real document from the company as the lure.

Best Practices to Protect Against Phishing Scams

Preventing phishing takes a two-pronged approach. One part is putting software in place that can block phishing emails before they get into user inboxes.

The second part is conducting ongoing user phishing awareness training. So they know how to spot phishing emails and avoid falling for them. This includes using tactics like:

  • Hovering over links before clicking to see the real URL
  • Never visiting a site (like PayPal, etc) from an email link, instead go directly to their page in your browser
  • Be vigilant about reviewing URLs and email “From” addresses to spot fakes
  • Ask yourself, “Is this email expected?” If not, take the stance that it is most likely a fake and proceed accordingly
  • Get a second opinion from an IT professional before taking action on a questionable email

Keep Your Devices Monitored & Protected from Phishing Attacks

Don’t risk losing all your data or suffering a financial breach due to a phishing attack. RCOR can help you with solid cybersecurity solutions to keep your business and users protected.

Contact us today to schedule a cybersecurity consultation. Call 919-263-5570 or contact us online.