By spreading phishing emails aimed at stealing personal data, hackers resort to various sophisticated methods—from prompting quick, thoughtless actions to exploiting users’ interest in current topics. For example, recently, taking advantage of the popularity of the movie “Barbie,” cybercriminals started spreading malicious links supposedly for obtaining free tickets or downloading the film.
According to ESET researchers, the number of phishing threats in 2022 increased by almost 30% compared to the previous year. Although we can all become victims of this type of attack, we should learn to defend ourselves against them. Therefore, ESET specialists have prepared an overview of the most common phishing message subjects used to deceive users, as well as tips for recognizing dangerous emails.
Topics of phishing emails, as well as tips for recognizing dangerous messages. ESET.
1. Request to log in again to the account
One of the most common phishing tactics is notifying users that they have been logged out of their account and asking them to re-enter their credentials. By clicking the link for this, you will be directed to a site that is quite similar to the real one. However, the difference is that after entering the credentials, they are immediately obtained by the attackers and used to access your information. In some cases, cybercriminals can even log in and change the password to prevent further access.
The scammers also try to urge the victims to take urgent actions. As a rule, these emails are disguised as messages from legitimate services such as Amazon, PayPal. At the end of 2018, phishing emails disguised as messages from Netflix about account suspension due to payment issues were circulating online. Meanwhile, users were asked to update their payment information using an embedded link, which was malicious and used to steal login data.
A similar incident occurred with Apple users in 2016, when scammers attempted to steal their personal information through phishing emails about the need to re-confirm account data, as a virus was allegedly found in the Apple iTunes database.
2. The necessity of making urgent payments
Disguising as corporate accounts is a well-known phishing method that targets a specific user or group of employees within a chosen company. Before sending these fraudulent emails, the attackers learn as much as possible about corporate structures, visual elements, and language to make the phishing email sufficiently realistic.
Some of these emails are specifically targeted at employees who are responsible for financial matters. For example, hackers impersonate the CEO or another executive who can authorize a money transfer and ask the victim to send funds to a specific account, supposedly belonging to the same executive or company.
In 2018, such a method was used to steal over 100,000 Canadian dollars in the city of Ottawa. An employee of the treasury service received a fake email supposedly from the mayor about the need to transfer a certain amount, which ultimately ended up in the hands of fraudsters.
3. Job offers
These phishing emails or messages use fake job offers as bait. They can trick potential victims into clicking on a phishing link or opening malicious files sent along with the message, asking the victim, for example, to create an account and enter their personal information to apply for a job.
For example, the Lazarus group conducted numerous similar attacks, during which hackers lured victims with fake job offers. In particular, the attackers distributed them via email, adding malicious files as attachments.
These scams also exist on popular job platforms, so always try to verify whether the company that contacted you or the received offer is legitimate. The latest such attack targeted Linux users with a ZIP file containing a fake job offer at HSBC as bait.
4. Global events
The number of phishing messages also increases during major events. For example, in early 2023, the threat group Fancy Bear conducted a campaign related to the Russian-Ukrainian war. The emails contained a malicious RTF file titled “Nuclear Terrorism is a Very Real Threat,” which prompted the victims to open it. In fact, the document contained an article from the authoritative analytical center Atlantic Council about the low probability of nuclear weapon use.
Add a Comment