Avanan has released its newest attack brief that reveals its cybersecurity researchers have observed a new phishing campaign in which hackers are creating email accounts using legitimate QuickBooks domains to send malicious invoices via requesting payments directly from the service.
In this attack, the hacker spoofed brands including Norton and Office 365 in the body of the message. Between built-in legitimacy of actual Quickbooks email to what hackers on the dark web call a double spear, this new attack represents a particularly deceptive and compelling phishing campaign by manipulating the victims into calling a number and paying an invoice to harvest not only credentials but also their telephone numbers for future attacks, whether it’s via text message or WhatsApp.
Avanan’s new research analyzes how hackers leverage legitimate and popular websites to get into inboxes and steal credentials and money. You can read the report here.
Like this:
Like Loading...
Related
This entry was posted on June 23, 2022 at 9:00 am and is filed under Commentary with tags Avanan. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
New Phishing Attack Exploits Real Quickbooks Email Domain Using Dark Web Double Spear Techniques: Avanan
Avanan has released its newest attack brief that reveals its cybersecurity researchers have observed a new phishing campaign in which hackers are creating email accounts using legitimate QuickBooks domains to send malicious invoices via requesting payments directly from the service.
In this attack, the hacker spoofed brands including Norton and Office 365 in the body of the message. Between built-in legitimacy of actual Quickbooks email to what hackers on the dark web call a double spear, this new attack represents a particularly deceptive and compelling phishing campaign by manipulating the victims into calling a number and paying an invoice to harvest not only credentials but also their telephone numbers for future attacks, whether it’s via text message or WhatsApp.
Avanan’s new research analyzes how hackers leverage legitimate and popular websites to get into inboxes and steal credentials and money. You can read the report here.
Share this:
Like this:
Related
This entry was posted on June 23, 2022 at 9:00 am and is filed under Commentary with tags Avanan. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.