Phishing is a cyber attack that uses disguised email as a weapon: the fraudulent use of electronic communications to deceive and take advantage of users. Phishing attacks attempt to gain sensitive, confidential information such as usernames, passwords, credit card information, network credentials, and more. By posing as a legitimate individual or institution via phone or email, cyber attackers use social engineering to manipulate victims into performing specific actions, like clicking on a malicious link or attachment or willingly divulging confidential information.

Both individuals and organizations are at risk; almost any kind of personal or organizational data can be valuable, whether it be to commit fraud or access an organization’s network. In addition, some phishing scams can target organizational data in order to support espionage efforts or state-backed spying on opposition groups.

There are various phishing techniques used by attackers:

  • Embedding a link in an email that redirects your employee to an insecure website that requests sensitive information
  • Installing a Trojan via a malicious email attachment or ad, which allows the intruder to exploit loopholes and obtain sensitive information
  • Spoofing the sender address in an email to appear as a reputable source and request sensitive information
  • Attempting to obtain company information over the phone by impersonating a known company vendor or IT department

What Is a Phishing Campaign?

A phishing campaign is an email scam designed to steal personal information from victims. Cybercriminals use phishing, the fraudulent attempt to obtain sensitive information such as credit card details and login credentials, by disguising themselves as a trustworthy organization or reputable person in email communication.

Typically, a phishing campaign is carried out by email spoofing; an email directs the recipient to enter personal information at a fake website that looks identical to the legitimate site. Phishing emails are also used to distribute malware and spyware through links or attachments that can steal information and perform other malicious tasks.

How a Phishing Campaign Works

A phishing campaign uses social-engineering techniques to lure email recipients into revealing personal or financial information. For example, during the holidays, an email pretending to be from a well-known company tells you to go to its website and re-enter your billing information or your package won’t be shipped in time to make it to your gift recipient. The only problem is that the fake email is directing you to a fake site, where the information you enter will be used to commit identity theft, fraud, and other crimes.

Signs of Phishing Attacks

  • The message is sent from a public email domain
  • The domain name is misspelled
  • The email is poorly written
  • It includes suspicious attachments or links
  • The message creates a sense of urgency
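Several of these signs can be checked automatically before a message reaches a user. The following is an added example, not code from the original article: a small Python triage function that looks for a public sender domain, a near-miss of a trusted domain, a risky attachment type, and urgency wording. The domain lists, keyword pattern, extension list, and sample message are all assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumed lists for illustration; replace with your organisation's own.
PUBLIC_DOMAINS = {"gmail.com", "outlook.com", "yahoo.com", "hotmail.com"}
TRUSTED_DOMAINS = {"example.com", "example-bank.com"}
URGENCY = re.compile(r"\b(urgent|immediately|within 24 hours|suspended|act now)\b", re.I)
RISKY_EXT = (".svg", ".js", ".exe", ".scr", ".html", ".zip")

def edit_distance(a, b):
    """Levenshtein distance, used to spot near-miss (misspelled) domains."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def phishing_signs(raw):
    """Return the set of warning signs found in one raw RFC 5322 message."""
    msg = message_from_string(raw)
    signs = set()
    domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    if domain in PUBLIC_DOMAINS:
        signs.add("public_domain")
    elif domain not in TRUSTED_DOMAINS and any(
            edit_distance(domain, t) <= 2 for t in TRUSTED_DOMAINS):
        signs.add("misspelled_domain")   # one or two characters off a trusted name
    text = msg.get("Subject", "")
    for part in msg.walk():              # visits the body and every attachment
        name = (part.get_filename() or "").lower()
        if name.endswith(RISKY_EXT):
            signs.add("suspicious_attachment")
        if part.get_content_type() == "text/plain":
            text += "\n" + part.get_payload()
    if URGENCY.search(text):
        signs.add("urgency")
    return signs

# Constructed sample message (not a real email).
SAMPLE = (
    'From: "Billing" <billing@examp1e.com>\n'
    "Subject: Your account is suspended\n\n"
    "Re-enter your billing details immediately or your parcel will not ship.\n")

if __name__ == "__main__":
    print(sorted(phishing_signs(SAMPLE)))
```

These are heuristics for triage: a hit is a reason to look closer, and a clean result does not prove a message is safe.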

Example of a Phishing Campaign

Malicious Facebook Messages

Several Facebook users received messages in their Messenger accounts from other users already familiar to them. The message consisted of a single .SVG (Scalable Vector Graphic) image file which, notably, bypassed Facebook’s file extensions filter. Users who clicked the file to open it were redirected to a spoofed YouTube page that prompted users to install two Chrome extensions allegedly needed to view the (non-existent) video on the page.

For most users, the two Chrome extensions were used to allow the malware a limited degree of self-propagation by exploiting the “browser’s access to your Facebook account in order to secretly message all your Facebook friends with the same SVG image file.”

On some users’ PCs the embedded JavaScript also downloaded and launched Nemucod, a trojan downloader with a long history of pulling down a wide variety of malicious payloads on compromised PCs. Users unlucky enough to encounter this version of the malicious script saw their PCs being taken hostage by Locky ransomware.
