Campaign Delivers Over 550 Million Phishing Emails in Q1 of 2018
CYBER NEWS

Campaign Delivers Over 550 Million Phishing Emails in Q1 of 2018

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...

Security researchers just discovered a new phishing attack that is responsible for the distribution of over 550 million emails since Q1 2018. The campaign was first detected in the beginning of January when it was observed targeting users on a global scale. Countries with high concentrations of impacted email users include the US, UK, France, Germany, and the Netherlands, Vade Secure researchers recently shared.

Related Story: Netflix Phishing Scams – How to Recognize and Counter Them

New Phishing Campaign Targets Bank Accounts

The purpose of the phishing attack is to steal users’ bank account details. Targeted users are lured by offers about coupons or discounts in exchange for taking part in a quiz or online contest. Typically, the phishing emails attempt to fool users by representing popular brands, streaming services and telecom operators, depending on the country of the targeted users. One example is Canada Pharmacy in the United States, and Orange and Carrefour in France. To increase the click-rate of the phishing message, it comes written in the language of the targeted user group.

Phishing pages are typically hosted on pirated websites. In this case, the IP addresses, servers, and domain names appear to be leased and therefore legitimate. Because the infrastructure cost is high, amounting to several tens of thousands of dollars, the attack is likely being undertaken by a serious criminal organization.

On top of that, the attackers deployed tools to shorten URLs and link several hundred URLs together, thus succeeding to hide the ultimate destination address and jam detection tools.

Here’s an example of one of the detected phishing emails:

As visible, the message involves Bitcoin, and this is not surprising at all. In 2017, there were plenty of spam campaigns built on the hottest topic of Bitcoin and altcoins. Cryptocurrencies gained “a foothold in advertising spam and fraudulent mailings” throughout 2017. The all-so-typical spam campaigns themed with “earn from home” promises, financial pyramids, fake lottery wins, etc., are now replaced with the theme of crypto, and the trends will definitely continue to evolve throughout 2018.

Related Story: Spam in 2017: Cryptocurrency Scams Sneaked in the Inbox

These techniques are quite sophisticated and were not easy to detect by many email security solutions, the research found. Gartner experts have already come to the conclusion that advanced threats are easily circumventing the signature-based and reputation-based prevention mechanisms that a secure email gateway traditionally deploys.

How to Stay Protected Against Phishing Scams: Useful Tips

In some cases, all that is required to rid of some phishing scams is simple to ignore the message, never respond to it and delete it. Other scams, however, require further action, such as thoroughly scanning your computer with security software to determine whether you have some malware component that is pushing spoofed messages to your computer, browser or email address.

In case you believe your computer is endangered because you have interacted with some form of a phishing email, it’s strongly recommended to scan it with security software.


SpyHunter scanner will only detect the threat. If you want the threat to be automatically removed, you need to purchase the full version of the anti-malware tool.Find Out More About SpyHunter Anti-Malware Tool / How to Uninstall SpyHunter

Avatar

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum for 4 years. Enjoys ‘Mr. Robot’ and fears ‘1984’. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim

More Posts

Follow Me:
Twitter

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...