
What if an attacker could manage to make a well-known company distribute an email on their behalf?

Bad actors have been distributing malware through email for decades. Over time, security technology has evolved and improved greatly, making this task harder for cybercriminals. 20 years ago, we witnessed the frequent distribution of email worms, which caused inboxes to be flooded with them and mail servers to collapse.

Although the prevalence of email worms is much lower these days, email phishing is the new prevalent threat users have to face today, despite email being a great tool used by most internet users.

Not only have the different protection mechanisms evolved; individuals have also grown more tech-savvy, and it has become increasingly difficult to fool them. Don’t get me wrong, though: Modern bad actors are professionals that make a living out of cybercrime, and they invest a lot in making their tricks (they sometimes deliver them in messages that make their way past seasoned security professionals). In any case, we can’t underestimate the ability of these cybercriminals to carry out malicious activities.

What if an attacker could manage to make a well-known company distribute an email on his behalf? What if the only link in that email takes the reader to a website belonging to the same company? In this message, there aren’t any suspicious senders, suspicious URLs, or the inclusion of other websites; everything is legit. Chances are that this type of email will not only bypass all cybersecurity layers, but it will also fool the final user.

How today’s cybercriminals are making use of this innovative technique

Adobe offers a cloud service to sign documents online called Acrobat Sign, which users can register for and start using right away. Adobe Acrobat Sign allows registered users to send a document signature request to anyone. When doing so, an email will be generated and sent to the intended recipients. The email includes a link to the document (which can be a PDF, Word document, HTML file, and so on) that will be hosted on Adobe itself. The sender can add text that they’d like to be shown in the email, which is an important detail, as it can easily be abused by cybercriminals.

This is one of the messages that our team has captured:

The sender’s address displays as which is a legitimate email address. When the victim clicks on the “Review and sign” button, it takes them to a page hosted in “/public/”, which is another legitimate source that belongs to Adobe.

As I mentioned earlier, people using this service can upload a broad variety of file types to Adobe Acrobat Sign, which will be displayed in the email with the option to sign them. Cybercriminals include text with a link in a document that gives the victim the idea that they’ll be going through the content before signing it. When clicking on the link, the victim is redirected to another site where they’re asked to enter a hardcoded CAPTCHA. Once entered, the victim will be asked to download a ZIP file that contains a Redline Trojan variant that’s designed to steal passwords, crypto wallets, and more.

In the example above, the target of the attack owns a YouTube channel with hundreds of thousands of subscribers, so the topic of the message fits pretty well with that profile. Fortunately, the victim realized that there was something “phishy” about the message and didn’t click on the link. Not ready to face defeat, however, the attacker tried to carry out the attack again a few days later.
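Because the sender address and the signing link in these messages both belong to the signing service, the remaining signal sits in the parts the requester controls: the note shown in the email and the hosted document. The following is an added example, not code from the original article, that triages a signature-request notification by listing links in those parts that leave the service; the domain `esign.example`, the notification field names and the sample message are assumptions, since the page does not give the real host names.

```python
import re
from urllib.parse import urlsplit

# Assumption: placeholder for the signing service's own domains; the real
# host names are not given on the page.
SERVICE_DOMAINS = {"esign.example"}

URL_RE = re.compile(r"https?://[^\s<>\"')\]]+", re.IGNORECASE)


def is_service_host(host):
    """True only for a service domain itself or a true subdomain of it."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in SERVICE_DOMAINS)


def external_hosts(text):
    """Hosts of all http(s) URLs in text that do not belong to the service."""
    found = []
    for url in URL_RE.findall(text):
        try:
            host = urlsplit(url).hostname
        except ValueError:  # malformed URL, e.g. a broken IPv6 literal
            continue
        if host and not is_service_host(host) and host not in found:
            found.append(host)
    return found


def triage(notification):
    """Flag a request whose requester-controlled parts link off-service."""
    if not is_service_host(notification["sender_domain"]):
        return {"verdict": "not-a-service-notification", "hosts": []}
    hosts = external_hosts(notification["sender_note"])
    for host in external_hosts(notification["document_text"]):
        if host not in hosts:
            hosts.append(host)
    return {"verdict": "review" if hosts else "pass", "hosts": hosts}


# Constructed sample, not a captured message.
SAMPLE = {
    "sender_domain": "mail.esign.example",
    "sender_note": "Please review the contract before signing.",
    "document_text": "Read the full terms first: https://files.example.test/review. "
                     "Help: https://help.esign.example/faq",
}

if __name__ == "__main__":
    print(triage(SAMPLE))
```

A "review" verdict only means the document points outside the signing service and deserves a closer look before the recipient follows the link.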
