CyberSecurity news
FlagThis
@gbhackers.com
//
Cybercriminals are increasingly employing sophisticated tactics to bypass traditional security measures and ensnare unsuspecting users in phishing scams. One notable trend is the use of benign-worded email subjects such as "request," "forward," and "report" to lower suspicion. Additionally, attackers are leveraging URL shorteners and QR codes to mask malicious links, making it harder for users and security systems to identify threats. These techniques allow cybercriminals to evade detection and increase the likelihood of successful attacks aimed at stealing personal and financial information.
Tax-themed phishing campaigns are surging as the United States approaches Tax Day on April 15th. Microsoft has observed threat actors exploiting tax-related anxieties through emails containing malicious attachments. These attachments frequently include QR codes that redirect users to fake login pages designed to steal credentials. In other instances, attackers embed DoubleClick URLs in PDF attachments that redirect users through shortened links to fake DocuSign pages, serving either malicious JavaScript files leading to malware installation or benign decoy files based on filtering rules.
The malware families being deployed in these campaigns are becoming increasingly advanced. Latrodectus, for example, features dynamic command-and-control configurations and anti-analysis capabilities, allowing attackers to execute Windows commands remotely and establish persistence through scheduled tasks. BruteRatel C4 (BRc4), originally designed for red-teaming exercises, is being exploited for post-exploitation activities, enabling attackers to bypass security defenses. According to Kendall McKay, strategic lead for cyber threat intelligence at Cisco’s Talos division, phishing scams are constantly evolving to maintain their effectiveness.
ImgSrc: blogger.googleu
References :
Tax-themed phishing campaigns are surging as the United States approaches Tax Day on April 15th. Microsoft has observed threat actors exploiting tax-related anxieties through emails containing malicious attachments. These attachments frequently include QR codes that redirect users to fake login pages designed to steal credentials. In other instances, attackers embed DoubleClick URLs in PDF attachments that redirect users through shortened links to fake DocuSign pages, serving either malicious JavaScript files leading to malware installation or benign decoy files based on filtering rules.
The malware families being deployed in these campaigns are becoming increasingly advanced. Latrodectus, for example, features dynamic command-and-control configurations and anti-analysis capabilities, allowing attackers to execute Windows commands remotely and establish persistence through scheduled tasks. BruteRatel C4 (BRc4), originally designed for red-teaming exercises, is being exploited for post-exploitation activities, enabling attackers to bypass security defenses. According to Kendall McKay, strategic lead for cyber threat intelligence at Cisco’s Talos division, phishing scams are constantly evolving to maintain their effectiveness.
ImgSrc: blogger.googleu
Share:
References :
- gbhackers.com: Hackers Use URL Shorteners and QR Codes in Tax-Themed Phishing Attacks
- Malwarebytes: QR codes sent in attachments are the new favorite for phishers
- www.cysecurity.news: Phishing Scams Are Getting Smarter – And More Subtle : Here’s All You Need to Know
Classification:
- HashTags: #Phishing #Cybersecurity #Scams
- Company: Multiple
- Target: Individuals and Organizations
- Feature: Phishing
- Type: Phishing
- Severity: Medium