A new phishing campaign is forcing victims into entering their credentials by claiming their account will be deactivated and it employs a countdown timer to build the pressure.
The malicious campaign begins with a text which claims to warn the recipient that an attempt to log in to their account from a location they haven’t used before has been blocked and is offered a solution in the form of email verification, cybersecurity researchers at Cofense explained in a blog post.
Ransomware attackers frequently employ fear tactics because sending victims into a state of panic means they’re more likely to follow instructions, particularly if they’ve been told something is wrong with their accounts.
What sets this phish apart from other campaigns is the countdown clock displayed to the recipient once the malicious link is accessed. The timer ticks down for an hour, claiming the user must enter their username and password to ‘validate’ their account before the countdown clock hits zero.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: