Spear Phishing Campaign Targets Alberta’s Insurance Industry
Our latest Active Threat Report describes an active spear phishing attack on Alberta insurers. Read the report now to stay informed and protect your organization.
TLP:CLEAR | November 22nd, 2024
Source: Fraud network uses 4,700 fake shopping sites to steal credit cards | BleepingComputer
Overview:
With Black Friday quickly approaching and early sales already taking place, cybercriminals are launching sophisticated campaigns to capitalize on the imminent surge in online shopping. This activity echoes similar scams from this time last year that cost victims an average of $1228 CAD. Researchers at EclecticIQ recently uncovered a phishing campaign by SilkSpecter, a financially motivated Chinese threat actor, targeting shoppers in the US and Europe. SilkSpecter was observed using convincing, yet malicious websites, leveraging the following techniques and tools to give the impression of legitimacy:
Any stolen phone numbers are then used for targeting victims with SMiShing and vishing attacks to steal authentication tokens. If successful, the threat actor could then potentially bypass extra security controls on target accounts such as multi-factor authentication (MFA).
What to Communicate to Executives:
Enable MFA: Despite some of these attacks leading to further attempts to circumvent this measure, adding MFA to accounts and never disclosing your authentication tokens to suspicious contacts via SMS or voice calls will significantly reduce the likelihood of account compromise.
Further Reading: