Scammers are using new tactics to take advantage of those trying to make the best out of a tough situation
Amidst the Covid-19 crisis, where many people are struggling to find work and scrambling to find new ways to make money, scammers are taking advantage of the situation and seeking to make a profit.
Like a fleet of Trojan horses, seemingly non-threatening emails are sent to recipients offering the chance to make some quick income, only to lure them straight into a trap. This has been a particular problem in Europe, especially in Poland, Germany, and Italy.
The contents of a PDF attached to a malicious email
A scam email with an attachment
A scammer’s landing page for the UK, Czech Republic and Poland
A registration form on detector-million[.]t500track12[.]com
Pop-up after filling in the registration form
Fabricated stories used to corroborate the scam
Number of links detected by country
Scammers are trying to turn as many heads as possible at a time where people’s heads are already spinning with the crisis. Even a simple website without any sophisticated source code could do the trick if they create an offer convincing enough, and if the trap is set at just the right time.
Avast Threat Intelligence has identified a new advanced persistent threats (APT) campaign targeting government agencies and a government data center in Mongolia.
Our Aposemat Team has been testing the capabilities of IPv6 and how malware could take advantage of it. One of the topics explored was exfiltration of data via the IPv6 protocol, which we discuss in this post.
Popular banking services, including PayPal, Revolut and Venmo, allow users to request money from others with a few easy steps. Although simple, this functionality could increase the likelihood of related spearphishing attacks.