Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label phishing email scam. Show all posts
phishing email scam
cybercrime awareness email malware threat fake credit card email malware Malware Attack online safety tips phishing email scam

New Phishing Scam Uses Fake Credit Card Emails to Spread Info-Stealing Malware

 

A new wave of phishing emails is targeting unsuspecting users with what appears to be a harmless message from their credit card company—but behind that official-looking facade lies a dangerous malware threat.

According to a report by Cybernews, cybercriminals are sending fake emails that warn recipients about recent credit card activity, urging them to confirm or verify a transaction. These emails mimic genuine alerts from financial institutions and appear convincing at first glance. However, the real danger lies within the attachment or link included in the message.

Rather than a standard PDF or receipt, the attachment hides a .LNK file—commonly used for Windows shortcuts—disguised as an HTML page or pop-up. When clicked, it redirects the user to a seemingly legitimate website designed to hold their attention. Meanwhile, in the background, a multi-stage malware infection quietly begins.

One of the key techniques used in this attack is known as Reflective DLL Injection, which loads malicious code directly into the system's memory—specifically targeting Chrome browsers. This allows hackers to bypass traditional antivirus detection and gain deep access to the user’s device.

“The hackers can then proceed with any additional attacks including keylogging, data theft and creating a backdoor on the infected computer,” the report notes.

Once compromised, the infected device becomes a goldmine for attackers. They can log keystrokes, steal browser history, capture passwords, harvest credit card numbers, and even take over accounts—leading to financial fraud or identity theft.

To avoid falling victim, users are advised to exercise caution with any unexpected email that urges action, especially those involving money or security. Instead of clicking on links or attachments, visit the company’s official website by manually entering the URL, or access your account via their official app.

Additional cybersecurity measures can offer crucial layers of protection:

  • Enable two-factor or multi-factor authentication to block unauthorized access even if credentials are stolen.
  • Use a password manager to create and securely store complex, unique passwords across all online accounts.
  • Install trusted antivirus software with features like browser protection, real-time scanning, and a VPN to guard against shady websites and network threats.

As phishing scams continue to evolve, staying alert and informed is the best defense. If an email seems too urgent, too alarming, or too convenient—pause, verify, and protect your data.
Read more »
Remote Access Software
Amsterdam cybercrime investigation bank helpdesk fraud Cyber Fraud cybercriminal arrests email database discovery online banking theft phishing email scam Remote Access Software

Sophisticated Dutch Bank Helpdesk Scam Unveils Database with Over 7 Million Email Addresses

 

In January, authorities in Amsterdam made six arrests as part of a significant cybercrime inquiry, leading to the unearthing of a database containing 7.3 million email addresses, with around 5 million linked to Dutch residents. The investigation initially targeted a bank helpdesk scam, wherein the perpetrators operated with a high level of professionalism akin to a call center.

Investigators stumbled upon the email lists on a laptop belonging to one of the suspects. They caution the public about the broader risks associated with phishing emails, as this extensive list has been circulated within the cybercriminal community for potential reuse in various fraudulent activities.

The case unfolded when approximately 30 individuals fell victim to a scheme where impostors, posing as bank representatives, deceived them into believing they were corresponding with other legitimate organizations. After victims responded to these emails, they were subsequently contacted by individuals masquerading as bank employees. These perpetrators employed psychological tactics, including feigning concern over the victims' involvement in a scam, to gain their trust.

Victims were then coerced into installing a remote access software called 'Anydesk,' which allowed the criminals to manipulate their computers from afar, ultimately siphoning off substantial sums of money through online banking. In some instances, the perpetrators even went as far as visiting victims in person to collect debit cards and valuables.

Following the arrests on January 24, which occurred in Amsterdam, Almere, and Heemskerk, authorities seized laptops, mobile phones, and debit cards. One suspect was subsequently released. Notably, one of the confiscated laptops contained the aforementioned email database.

Despite the apprehension of the suspects, authorities emphasize that the danger persists, as such lists continue to be traded and utilized by cybercriminals. They urge individuals to verify if their email addresses have been compromised and to exercise caution when encountering suspicious communications.

To combat such threats, the police have launched websites where individuals can ascertain if their email addresses have been compromised and verify the legitimacy of links received through various channels. Additionally, they advise individuals to hang up on anyone claiming to represent a bank and to independently verify such claims by contacting the bank's official customer service line.

Furthermore, the public is urged never to allow anyone to collect their debit cards or install programs on their computers. It's essential to educate vulnerable individuals, such as the elderly, about these fraudulent practices to prevent further victimization.
Read more »
Subscribe to: Posts (Atom)