Comments
Phishing attacks have become more targeted in Q2 2020 according to a new report by cybersecurity firm Kaspersky.
Hackers are using new ways to launch such phishing attacks from HR dismissal emails to attacks disguised as delivery notifications.
Phishing is a form of social engineering attack that is used to gain personal information including financial credentials and login credentials for social media accounts.
“Phishing is a strong attack method because it is done at such a large scale. By sending massive waves of emails under the name of legitimate institutions or promoting fake pages, malicious users increase their chances of success in their hunt for innocent people’s credentials. The first six months of 2020, however, have shown a new aspect to this well-known form of attack,” the report said.
“To attract attention, fraudsters forged emails and websites from organisations whose products or services could be purchased by potential victims. In the process of making these fake assets, fraudsters often did not even try to make the site appear authentic,” it said.
Hackers have been sending communications to targeted users posing as a range of services including delivery, postal, financial services and human resources.
Beware of attachment
For instance, hackers sent an attachment posing as postal services which targeted users using the Noon. For medical services, these emails posed as important announcements about amendments to the medical leave procedure, or dismissal. Some attachments contained the Trojan-Downloader.MSOffice.SLoad.gen file. This Trojan is most often used for downloading and installing encryptors as per the reports.
“When summarising the results of the first quarter, we assumed that Covid-19 would be the main topic for spammers and phishers for the past few months. And it certainly happened. While there was the rare spam mailing sent out without mentioning the pandemic, phishers adapted their old schemes to make them relevant for the current news agenda, as well as come up with new tricks,” said Tatyana Sidorina, a security expert at Kaspersky.
Comments
COMMENT NOW
Comments
Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.
We have migrated to a new commenting platform. If you are already a registered user of TheHindu Businessline and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.