This article has been indexed from E Hacking News – Latest Hacker News and IT Security News
Cybersecurity researchers at Cofense Phishing Defense Center (PDC) have unearthed a new phishing campaign that uses ‘information technology (IT) support-themed email’ to lure users to update their passwords.
The email appears legitimate because it’s a common practice within organizations to send security updates to their employees on a weekly or monthly basis. IT team deploys a reset password communication mail to strengthen the employee’s email security. Therefore, it’s a smart move by the attackers to target organizations via phishing email.
Researchers first suspected the email because the domain was only a few months old. However, the domain address “realfruitpowernepal[.]com” was identical to an organization’s internal IT department, yet a further examination of the domain led to a free web design platform. The second red flag was the opening of the email that doesn’t contain phrases such as “Good Morning” or “Dear…”, possibly suggesting the mass-email attack.
When the user proceeds further by clicking on the “Continue” button, a Mimecast link appears, along with the now censored user email address toward the end of the URL. The users might not feel anything dubious because scammers have used the correct spelling and name, which directs users to a Mimecast web security portal that gives them two options:
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: Scammers Use ‘IT Support-Themed Email’ to Target Organizations