Threat Management, Email security, Vulnerability Management
Widespread gift card BEC attack detailed
Share
Cybercrime operation Lilac Wolverine has launched a massive gift card business email compromise attack, which lures targets into giving gift cards to individuals posing as seriously ill people or having lost relatives to illnesses, ZDNET reports.
Attackers who have successfully compromised an email address have resorted to copying the victim's address book and proceeding to create a similar account through free webmail services, an Abnormal Security report revealed.
The newly created email accounts are then used for BEC phishing lure delivery in an effort to better evade detection and suspicion.
"The pretexts the group uses in their BEC campaigns are meant to elicit an emotional response that they hope would persuade a target to comply with their request. Like other gift card BEC attacks, since the target population is substantially larger than other types of attacks, their success rate doesn't need to be that high to get a good return on investment on their campaigns," said Abnormal Security Director of Threat Intelligence Crane Hassold.
Related Events
Related Terms
Bring Your Own Device (BYOD)Brute ForceCorruptionDarknetDeauthentication AttackDefacementDistributed ScansDomain HijackingDrive-by DownloadEmail SpoofingGet daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds