New Phishing Attack Uses An Old Trick

Uploaded on 2018-09-26 in NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW

A new phishing campaign is using an old trick in an effort to steal login credentials, payment details and other sensitive information from victims by claiming to offer them a tax refund which can only be claimed online. The message claims to be the UK government's tax office, HMRC, and tells potential victims that they're due a tax refund of £542.94 "directly" onto their credit card.

In an attempt to pressure targets into falling for the scheme, they're told that the link to the "customer" portal" expires on the day the message is received, the hope is that this will panic victims into thinking they'll miss out on a sizeable cash payment.

The phishing scam was uncovered by Malwarebytes.

The isn't exactly sophisticated, not only is the subject line extremely poorly formatted and sent from an email address which has nothing to do with government, the attackers have put little effort into the fake HMRC website used to scoop up credentials.

Before reaching this site, those who click through to the 'portal' are first faced with a fake Outlook login page which asks victims for their username and password in what's purely an attempt to steal credentials. After victim’s hands over their email and password, they're taken to a fake 'refund' website which only contains boxes for entering information. Victims are asked to enter their full name, address, phone number, date of birth, mother's maiden name and full credit card details, including the security code.

Essentially, the attackers are harvesting all the data required for not just stealing bank details, but login credentials which could be used to access other accounts, as well as vast amounts of personal information which could easily be exploited for identity theft and fraud, or sold onto others on underground forums.

Tax scams are a common means of cyber criminals attempting to extort information or money from victims: HMRC states it will never offer a repayment or ask for personal information via email.

However, when people get tempted by the prospect of receiving a payment, they can often lower their defences, even by low-level attacks like this phishing scam. "These attacks can afford to be crude, as the main pressure point is the temptation of an easy cash windfall tied to a tight deadline. Not knowing that HMRC don't issue refund notifications in this manner would also contribute to people submitting details," Chris Boyd, lead malware intelligence analyst at Malwarebytes told ZDNet.

While this phishing attack might seem basic, attackers wouldn't put time into distributing emails if it didn't work. Phishing remains an effective means of conducting cyber-attacks at a number of levels, ranging from low-level scams like this, to high-level hacking and espionage campaigns by nation-state level attackers.

Indeed, a recent report by the US Department of Justice concluded that some of the biggest cyber-attacks in recent years, including the North Korean attacks against Sony and the Swift banking network began with a simple phishing email. 

ZDNet:               Image: Nick Youngson

You Might Also Read:

Phishing Tools Used To Attack The Power Grid:

‘Important Information About Your Credit Card’:

 

 

« Insurance Experts Expect Higher Cyber Losses
Smartphones Are Working For Dutch Police »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

NuHarbor Security

NuHarbor Security

NuHarbor is a leading information security consulting and advisory firm specializing in Information Security, Compliance, and Risk Management.

CERT-EU

CERT-EU

CERT-EU is a permanent Computer Emergency Response Team for the EU institutions, agencies and bodies.

Secon Cyber Security

Secon Cyber Security

Secon Cyber Security is an Advanced Managed Security Services Provider with long standing experience of providing cyber security solutions to customers ranging from small to large enterprises.

African Cyber Security

African Cyber Security

African Cyber Security and it's partners, have the expertise and skills to provide holistic solutions for companies, institutions and government.

AngelList

AngelList

AngelList champion startups and the people who empower them. Search tech & startup jobs, find new tech products, and invest in startups.

Adyta

Adyta

Adyta specializes in cybersecurity solutions adapted to the needs of sovereign institutions, business groups and other organizations that handle information and sensitive or classified data.

Cyber Polygon

Cyber Polygon

Cyber Polygon is an annual online exercise which connects various global organisations to train their competencies and exchange best practices.

Cyber Security Operations Consulting (CyberSecOp)

Cyber Security Operations Consulting (CyberSecOp)

CyberSecOp is an ISO 27001 Certified Organization which provides cyber security operations services and risk management consulting.

StateRAMP

StateRAMP

StateRAMP reduces risk from unsecure cloud solutions and protects data by providing State and local governments a standardized approach for verifying and monitoring security postures.

Zephyr Project

Zephyr Project

The Zephyr Project strives to deliver the best-in-class RTOS for connected resource-constrained devices, built to be secure and safe.

Surfshark

Surfshark

Surfshark is a cybersecurity company focused on developing humanized privacy & security protection solutions to secure people's digital lives.

Fireblocks

Fireblocks

Fireblocks is a digital asset security platform that helps financial institutions protect digital assets from theft or hackers.

Harbottle & Lewis

Harbottle & Lewis

Harbottle & Lewis is a leading UK-based law firm focused on the Private Client and Technology, Media and Entertainment sectors.

Space Hellas

Space Hellas

Space Hellas is a dynamic, established System Integrator and Value Added Solutions Provider, holding a leading position in the high technology arena.

Bedrock Security

Bedrock Security

Bedrock Security is at the forefront of revolutionizing data security in the cloud and GenAI era.

OmniIndex

OmniIndex

OmniIndex PostgresBC is the only commercial solution allowing you to keep your most sensitive and critical data encrypted while analyzing it. Structured and unstructured.