New Phishing Attack Uses An Old Trick

A new phishing campaign is using an old trick in an effort to steal login credentials, payment details and other sensitive information from victims by claiming to offer them a tax refund which can only be claimed online. The message claims to come from the UK government's tax office, HMRC, and tells potential victims that they're due a tax refund of £542.94 "directly" onto their credit card.

In an attempt to pressure targets into falling for the scheme, they're told that the link to the "customer portal" expires on the day the message is received. The hope is that this will panic victims into thinking they'll miss out on a sizeable cash payment.

The phishing scam was uncovered by Malwarebytes.

The scam isn't exactly sophisticated: not only is the subject line extremely poorly formatted and the message sent from an email address which has nothing to do with government, but the attackers have also put little effort into the fake HMRC website used to scoop up credentials.

Before reaching this site, those who click through to the 'portal' are first faced with a fake Outlook login page which asks victims for their username and password in what's purely an attempt to steal credentials. After victims hand over their email and password, they're taken to a fake 'refund' website which only contains boxes for entering information. Victims are asked to enter their full name, address, phone number, date of birth, mother's maiden name and full credit card details, including the security code.

Essentially, the attackers are harvesting all the data required not just for stealing bank details, but also login credentials which could be used to access other accounts, as well as vast amounts of personal information which could easily be exploited for identity theft and fraud, or sold on to others on underground forums.

Tax scams are a common means of cyber criminals attempting to extort information or money from victims: HMRC states it will never offer a repayment or ask for personal information via email.
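The indicators described above (a sender with no link to government, a refund offered by email, a same-day deadline and a link to a non-government site) can be checked mechanically at a mail gateway. The following is an added example, not code from Malwarebytes or ZDNet; the sample message, its addresses and hostnames, and the rule that only `gov.uk` hosts count as official are assumptions made for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Constructed sample modelled on the lure described in the article; the
# addresses and hostnames are invented (.example is a reserved TLD).
SAMPLE = """\
From: "HMRC Refunds" <notice@mail-billing.example>
To: user@corp.example
Subject: Tax  Refund - notification!!

You are due a tax refund of £542.94 directly onto your credit card.
The link to the customer portal expires today:
http://portal.refund-claim.example/login
"""

OFFICIAL_SUFFIX = "gov.uk"  # assumption: only gov.uk hosts count as government


def is_official(host):
    """True only for gov.uk itself or a real subdomain of it."""
    host = (host or "").lower().rstrip(".")
    return host == OFFICIAL_SUFFIX or host.endswith("." + OFFICIAL_SUFFIX)


def hmrc_lure_indicators(raw):
    """Return which of the article's indicators a single-part text mail matches."""
    msg = message_from_string(raw)
    display, addr = parseaddr(msg.get("From", ""))
    body = msg.get_payload() if not msg.is_multipart() else ""
    text = f"{display} {msg.get('Subject', '')} {body}".lower()
    hits = []
    claims_hmrc = bool(re.search(r"\bhmrc\b|revenue (and|&) customs", text))
    if claims_hmrc and not is_official(addr.rpartition("@")[2]):
        hits.append("claims HMRC but sender domain is not government")
    if claims_hmrc and re.search(r"\b(refund|repayment|rebate)\b", text):
        hits.append("offers a refund by email, which HMRC says it never does")
    if re.search(r"expires? (today|within 24 hours)|last day", text):
        hits.append("same-day deadline")
    hosts = {urlparse(u).hostname for u in re.findall(r"https?://[^\s\"'<>]+", body)}
    if any(not is_official(h) for h in hosts):
        hits.append("link points outside government domains")
    return hits
```

A forged From header using a genuine government domain would pass the first check, so these content rules complement SPF, DKIM and DMARC results rather than replace them.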

However, when people get tempted by the prospect of receiving a payment, they can often lower their defences, even against low-level attacks like this phishing scam. "These attacks can afford to be crude, as the main pressure point is the temptation of an easy cash windfall tied to a tight deadline. Not knowing that HMRC don't issue refund notifications in this manner would also contribute to people submitting details," Chris Boyd, lead malware intelligence analyst at Malwarebytes, told ZDNet.

While this phishing attack might seem basic, attackers wouldn't put time into distributing emails if it didn't work. Phishing remains an effective means of conducting cyber-attacks at a number of levels, ranging from low-level scams like this, to high-level hacking and espionage campaigns by nation-state level attackers.

Indeed, a recent report by the US Department of Justice concluded that some of the biggest cyber-attacks in recent years, including the North Korean attacks against Sony and the Swift banking network, began with a simple phishing email.

ZDNet:               Image: Nick Youngson
