Ongoing phishing scams reportedly targeting AMEX and Netflix clients
Office 365 Threat Research Team just discovered 2 separately running phishing campaigns attacking customers of American Express and Netflix for theft of social security and credit card details.
Cyber-criminals use malware, especially 0-day exploits, which characteristically form the major e-threat seeking confidential information.
The Windows Defender Security Intelligence provides the details on Twitter. It states two large-scale phishing campaigns running still now targeted AMEX and Netflix during the weekend as discovered Office 365 Threat Research Team. The customers are being protected from both the campaigns through detonation-based safeguards and machine learning within Office 365 ATP.
The phishing scam aimed at Netflix customers divert the victims onto one legitimate appearing downloadable form for theft and exfiltration of credit card details such as card number, its date of expiry, security code, Personal Identification Number (PIN) and bank name, as well as billing details such as name, birth date, address, electronic mail id, phone number, and Social Security Number (SSN). www.bleepingcomputer.com posted this, March 19, 2019.
AMEX customers on the other end of another phishing campaign are being phished off their sensitive information as the attackers distribute a general type of message titled "Notice Concerning Your CardMember Account." The notification states that bank has temporarily stopped the customer from using his profile of card member as also that he requires taking down and completing a given form for substantiating his records. Incidentally, phishing attacks, currently a most frequently occurring cyber threat, are growing a huge 250 percent.
Phishing attacks are also more sophisticated via the employment of increasingly complex phishing websites which appear more genuine to potential victims. Such websites resemble popular document sharing and cloud hosting platforms that phishing targets frequently trust to be secure just because of their name recognition.
Moreover, though more sophisticated, phishing scams happen to be easily accessible to not so sophisticated operators as well. Phishing toolkits that work through temporary servers and craft copies of well-known websites are available from illegitimate markets at comparatively small prices. These crafty solutions just need the attackers to distribute one pre-fabricated e-mail containing malware-laced web-links embedded on the message for reaching the desired targets.
» SPAMfighter News - 3/27/2019
We are happy to see you are reading our IT Security News.
We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!