Abnormal Security has released a new blog revealing how attackers attempt to steal payment information by posing as UPS and FedEx and sending false shipment notifications about an upcoming delivery. Mike Britton, the CISO of Abnormal Security, will walk you through both UPS and FedEx impersonation attacks, why this phishing attack is noteworthy, and what makes these attacks challenging to detect.
Within their investigations, Abnormal Security found that shipping service providers were the third most imitated types of attacks. This attack used a remarkable level of detail and impersonation, which made the emails and the accompanying phishing sites especially convincing.
The emails sent out to victims, impersonating UPS, claimed that the package has an unclear transit status and that the recipient must verify info using the provided link. The fake FedEx notification uses a similar tactic stating that delivery was attempted but failed and the recipient must confirm their address through the provided link. In both cases, victims are encouraged to click on a link that unknowingly leads to a detailed, multi-step phishing site.
You can read the blog post here.
Related
This entry was posted on June 26, 2024 at 9:17 am and is filed under Commentary with tags Abnormal Security. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Abnormal Security Unpacks Latest Phishing Attack: UPS & FedEx Impersonated to Ship Victims Directly to Phishing Sites
Abnormal Security has released a new blog revealing how attackers attempt to steal payment information by posing as UPS and FedEx and sending false shipment notifications about an upcoming delivery. Mike Britton, the CISO of Abnormal Security, will walk you through both UPS and FedEx impersonation attacks, why this phishing attack is noteworthy, and what makes these attacks challenging to detect.
Within their investigations, Abnormal Security found that shipping service providers were the third most imitated types of attacks. This attack used a remarkable level of detail and impersonation, which made the emails and the accompanying phishing sites especially convincing.
The emails sent out to victims, impersonating UPS, claimed that the package has an unclear transit status and that the recipient must verify info using the provided link. The fake FedEx notification uses a similar tactic stating that delivery was attempted but failed and the recipient must confirm their address through the provided link. In both cases, victims are encouraged to click on a link that unknowingly leads to a detailed, multi-step phishing site.
You can read the blog post here.
Share this:
Like this:
Related
This entry was posted on June 26, 2024 at 9:17 am and is filed under Commentary with tags Abnormal Security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.