Stories
Slash Boxes
Comments

SoylentNews is people

posted by Fnord666 on Monday January 23 2017, @01:21AM   Printer-friendly
from the phishers-are-tricksy dept.

While browsing around the web, I ran across this and thought it might also interest my fellow Soylentils:

Hackers have reportedly devised a new phishing method which seems to be tricking even the most experienced and tech savvy users into revealing their account details.

The highly effective phishing campaign seems to be running on a sophisticated automation feature that pounces on newly compromised Gmail accounts to mount a secondary attack on users in the contact list.

Once hackers have taken over a Gmail account, they launch their secondary attack by sending out emails disguised under recently sent attachments and a relevant subject line. The email contains a thumbnail version of the attachment which, when clicked, opens up a convincing Gmail login box a trap that tricks users in revealing their Gmail account password.

http://www.toptechnews.com/article/index.php?story_id=112003V43BDC

Just a heads-up in case you see one of these babies in your inbox....


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 5, Interesting) by nobu_the_bard on Monday January 23 2017, @03:47PM

    by nobu_the_bard (6373) on Monday January 23 2017, @03:47PM (#457666)

    This is nothing. The thing that's really been working lately is links embedded in PDF and DOC files.

    Word is stupid enough to open a file formatted as DOCX or such, but using the DOC extension, and it's annoying as heck to get spam scanning for this because of how DOCX files are formatted. The increased security features of Word lately these days mitigates this a bit though...

    The PDFs are a more significant recent problem. Sometimes you can parse these as text files (the URLs are often just in plain text in the body) but sometimes not. Sometimes they are huge files, tons of junk image data, to waste scanner time.

    What gets my users the most, currently, is these phishes being phrased as replies to faked queries with attached PDFs coming from legitimate (compromised) senders. For some reason, an alarming number of users seem to not notice they didn't send the query (like "hey can you tell me more about the sales opportunity"), particularly if the spammers date the query Friday and then have it look like they followed up on Monday ("sure just read the attached document")...

    The real problem in phishing lately is "hailstorm" phishing, which is several hundred thousand phishing mails sent out from every machine in a botnet inside a 5 minute window. These make RBLs pretty hard to leverage for blocking, since most of them don't update fast enough. Content scanning is already a sketchy endeavor, and tons of spam filtering services lately have been bought out and had their quality drop on top of all this.

    Starting Score:    1  point
    Moderation   +3  
       Interesting=2, Informative=1, Total=3
    Extra 'Interesting' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   5