The U.S. Justice Department has shut down the Slilpp cybercrime marketplace, which sold stolen credentials related to bank accounts and other payment mechanisms, in
GovInfoSecurity Twitter Get Permission The FBI is warning that hackers are increasingly using voice phishing, or vishing, to target remote workers as a way of harvesting VPN and other credentials to gain initial access to corporate networks.
Over the last year, the FBI says, hackers have targeted employees at U.S. and international corporations that use VoIP services through vishing techniques and other types of social engineering attacks. After gaining access to the network, many cybercriminals found they had greater network access, including the ability to escalate privileges of the compromised employees’ accounts, thus allowing them to gain further access into the network often causing significant financial damage, the FBI notes in an alert.
Get Permission
The Australian Cyber Security Center is warning that fraudsters have recently started sending phishing emails that spoof the agency and contain malware designed to steal banking credentials.
In an alert, the agency notes hackers posing as ACSC employees are sending emails requesting that recipients download antivirus software. When the victim clicks on a link, malicious code that can steal banking credentials is downloaded onto the compromised device.
The fraudsters also are using spoofed phone numbers to directly call the victims to ask them to download certain applications. The scammer then attempts to persuade recipients to take actions, such as enter a URL into a browser and access online banking services, which then compromises their computer to reveal banking information, the agency notes.
Malicious domain designed to look like an Office 365 landing page (Source: Abnormal Security)
An ongoing phishing campaign designed to harvest Office 365 credentials is using a Microsoft Outlook migration message, according to researchers at Abnormal Security.
The phishing emails, which are designed to look as if they come from the IT department of the victims organizations, say the recipient must update to the latest version of Microsoft Outlook, according to the report.
When victims click a link within the phishing email, they are directed to a malicious domain that shows an older version of the Outlook sign-up page that’s designed to steal credentials, such as usernames and passwords, the researchers note.