1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • That WhatsApp voice message may be a phishing scam

    From TechnologyDaily@1337:1/100 to All on Tue Apr 5 11:30:04 2022
    That WhatsApp voice message may be a phishing scam

    Date:
    Tue, 05 Apr 2022 10:18:40 +0000

    Description:
    An ongoing phishing campaign aims to install a trojan on victims' devices.

    FULL STORY ======================================================================

    An unknown threat actor is impersonating WhatsApp over email in an attempt to bait victims into installing a trojan, cybersecurity researchers have warned.

    According to a report from Armorblox, the attackers have targeted close to 30,000 endpoints to date, across the healthcare, education and retail
    sectors, and also managed to bypass Microsoft and Google email security filters.

    The report states that the fraudulent emails are coming from the mailman.cbddmo.ru domain, which seems to be associated with a government institution in the Moscow region. It is possible, the researchers note, that the attackers exploited a deprecated version of the parent domain to send the phishing emails. TechRadar needs you!

    We're looking at how our readers use VPNs with different devices so we can improve our content and offer better advice. This survey shouldn't take more than 60 seconds of your time, and entrants from the UK and US will have the chance to enter a draw for a 100 Amazon gift card (or equivalent in USD). Thank you for taking part.

    Click here to start the survey in a new window << Fake voicemail

    The contents of the email itself revolve around a fake WhatsApp voice
    message. The victim will receive an email saying theyve received a new
    private voicemail, and if they want to listen to it, they should click on the Play button provided. Pressing the button redirects the victim to a page that tries to install the JS/Kryptik trojan.

    This is a malicious obfuscated JavaScript code embedded in HTML pages that redirects the browser to a malicious URL and implements a specific exploit, the report reads. Read more

    What is phishing and how dangerous is it?


    This fake Norton antivirus email could really ruin your weekend


    Watch out - that PayPal email could be a phishing attack

    After landing on the page, the victim would need to confirm they are not a robot, and clicking on the allow popup, researchers suggest, could install
    the malicious payload.

    JS/Kryptik can steal sensitive information stored within the browser, such as passwords , the researchers went on to explain.

    As usual, all users are warned not to click on links or download attachments from emails that come out of the blue, or from suspicious addresses. Email is still the most popular attack vector for threat actors, so users are advised to stay vigilant. Protect your virtual premises from phishing with the best identity management software right now



    ======================================================================
    Link to news story: https://www.techradar.com/news/that-whatsapp-voice-message-may-be-a-phishing-s cam/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)