A man looks at his laptop with a worried expression. Image: Getty/Degreez
A new phishing attack surreptitiously tries to manipulate victims into entering their username and password by claiming that their account will be deleted if they don’t – and it uses a countdown timer to apply pressure.
Detailed by cybersecurity researchers at Cofense, this Phishing attack begins with a statement warning recipients that an attempt to sign in to their account from a location they haven’t used before has been blocked – and they should click the link to verify the email address mine.
This type of scare tactic is common in phishing attacks, as cybercriminals know that putting a victim in an emergency means they are more likely to follow instructions, especially if they are informed. report something is wrong with their account.
What sets this attack apart from the others is that it seems to borrow a tactic from ransomware gang – show countdown timer on phishing site. The timer counts down from one hour, requiring users to enter a username and password to ‘authenticate’ their account before the countdown timer hits 0, otherwise their account – and even their account other people’s accounts – will be deleted.
UNDERSTAND: It was easy for a security researcher to find my passwords, etc.
This is not a real warning, and even if the timer counts down to zero, nothing will be cleared – but the tactic is designed to frighten the victim and follow the instructions. It is similar to a technique used by ransomware groups.
If a user targeted by a phishing email enters their login credentials, that indicates they used the wrong password, or indicates that the login details are accepted, before redirecting them back. their company homepage. In both cases, the result is the same – the attacker steals the username and password.
There are several ways that an attacker can abuse legitimate credentials. They can use them to access the network themselves to steal data, help access other accounts or even perform ransomware or other malware. In addition, they can sell stolen passwords to other cybercriminals for use in their own illegal campaigns.
Phishing attacks are one of the most common methods that cybercriminals use to steal usernames and passwords. Use multi-factor authentication (MFA) can help protect an account, because even if an attacker knows the correct login information, the need for further verification will prevent them from being able to access the account, as well as raise a warning that something might be wrong.
In the event that your password is stolen, it is important that it be changed quickly, preferably for something complex and unpredictable for a hacker.
MORE ABOUT CYBERSECURITY
