New Phishing Attack Uses An Old Trick

A new phishing campaign is using an old trick in an effort to steal login credentials, payment details and other sensitive information from victims: it claims to offer them a tax refund which can only be claimed online. The message claims to be from the UK government's tax office, HMRC, and tells potential victims that they're due a tax refund of £542.94 "directly" onto their credit card.

In an attempt to pressure targets into falling for the scheme, they're told that the link to the "customer portal" expires on the day the message is received. The hope is that this will panic victims into thinking they'll miss out on a sizeable cash payment.

The phishing scam was uncovered by Malwarebytes.

The scam isn't exactly sophisticated: not only is the subject line extremely poorly formatted and the message sent from an email address which has nothing to do with government, but the attackers have also put little effort into the fake HMRC website used to scoop up credentials.

Before reaching this site, those who click through to the 'portal' are first faced with a fake Outlook login page which asks victims for their username and password in what's purely an attempt to steal credentials. After the victim hands over their email address and password, they're taken to a fake 'refund' website which contains only boxes for entering information. Victims are asked to enter their full name, address, phone number, date of birth, mother's maiden name and full credit card details, including the security code.

Essentially, the attackers are harvesting all the data required not just for stealing bank details, but also login credentials which could be used to access other accounts, as well as vast amounts of personal information which could easily be exploited for identity theft and fraud, or sold on to others on underground forums.

Tax scams are a common means of cyber criminals attempting to extort information or money from victims: HMRC states it will never offer a repayment or ask for personal information via email.
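The traits reported above (an HMRC claim from a non-government sender, a refund offered by email, a same-day deadline, a link that leads away from government sites) can be turned into a simple mail-triage check. This is an added example, not code from Malwarebytes, ZDNet or HMRC; the sample message, its addresses and URL are constructed placeholders, and treating `gov.uk` as the only legitimate domain is an assumption.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Constructed sample modelled on the lure described in the article; the sender,
# subject and URL are invented placeholders, not indicators from the campaign.
SAMPLE = """\
From: HMRC Refunds <notice@mail-example.test>
To: user@example.org
Subject: hmrc TAX-REFUND   notice!!
Content-Type: text/plain; charset=utf-8

You are due a tax refund of £542.94 directly onto your credit card.
The link to the customer portal expires today:
http://portal.example.test/refund
"""

GOV_SUFFIX = ".gov.uk"  # assumption: genuine HMRC mail and links sit under gov.uk


def is_gov(host):
    host = (host or "").lower().rstrip(".")
    return host == "gov.uk" or host.endswith(GOV_SUFFIX)


def triage(raw):
    """Return which of the article's warning signs a raw message matches."""
    msg = message_from_string(raw)
    text = f"{msg.get('Subject', '')}\n{msg.get_payload()}"
    name, addr = parseaddr(msg.get("From", ""))
    findings = []
    claims_hmrc = bool(re.search(r"\bhmrc\b|revenue (and|&) customs", f"{name}\n{text}", re.I))
    if claims_hmrc and not is_gov(addr.rpartition("@")[2]):
        findings.append("sender-not-government")
    # HMRC states it never offers a repayment by email, so the offer itself is a flag.
    if claims_hmrc and re.search(r"\b(refund|repayment|rebate)\b", text, re.I):
        findings.append("refund-offer-by-email")
    if re.search(r"expires?\s+(today|within\s+24\s+hours)", text, re.I):
        findings.append("same-day-deadline")
    hosts = {urlparse(u).hostname for u in re.findall(r"https?://[^\s<>\"']+", text)}
    if claims_hmrc and any(not is_gov(h) for h in hosts):
        findings.append("link-not-government")
    return findings


if __name__ == "__main__":
    print(triage(SAMPLE))
```

The From header is trivially forged, so a government-looking sender is not evidence of legitimacy; the refund-offer check fires regardless of the sender domain for that reason.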

However, when people are tempted by the prospect of receiving a payment, they can often lower their defences, even against low-level attacks like this phishing scam. "These attacks can afford to be crude, as the main pressure point is the temptation of an easy cash windfall tied to a tight deadline. Not knowing that HMRC don't issue refund notifications in this manner would also contribute to people submitting details," Chris Boyd, lead malware intelligence analyst at Malwarebytes, told ZDNet.

While this phishing attack might seem basic, attackers wouldn't put time into distributing emails if it didn't work. Phishing remains an effective means of conducting cyber-attacks at a number of levels, ranging from low-level scams like this, to high-level hacking and espionage campaigns by nation-state level attackers.

Indeed, a recent report by the US Department of Justice concluded that some of the biggest cyber-attacks in recent years, including the North Korean attacks against Sony and the Swift banking network, began with a simple phishing email.

ZDNet

Image: Nick Youngson
