Phishing attacks show no sign of letting up, and this latest campaign may well pay off.
The attackers' technique? Manipulating victims into entering their username and password by threatening to delete their account if they do not.
The novelty? A countdown timer to increase the pressure even more.
It’s the final countdown
As detailed by Cofense cybersecurity researchers, the attack begins with a warning message: an attempt to log in to the victim's account was detected from an unknown location, and it was blocked. The victim is told to click on the link to verify their e-mail address.
The use of fear is common in phishing attacks. Cybercriminals know that by creating a sense of urgency, they make their victims more likely to follow instructions. And that's especially true if the email claims something is wrong with their account.
What sets this attack apart from others, however, is that it seems to borrow a tactic from ransomware groups: displaying a countdown timer. The timer is displayed on the phishing site. It indicates that the user must enter their username and password to "verify" their account before the countdown reaches zero. Otherwise their account (and sometimes even others) will be deleted.
Obviously, this is not a real warning, and even if the countdown reaches zero, nothing will be deleted. But the tactic is designed to make the victim panic and follow the instructions. It is a technique similar to that used by ransomware groups.
If the user targeted by the phishing email enters their login details, the page either claims that they have entered the wrong password or indicates that the login details have been accepted, before redirecting them to their company's home page. In both cases, the result is the same: the attacker steals the username and password.
Beware of phishing!
Cybercriminals are so interested in stealing login credentials because they can use them in different ways. Above all, they can use them directly to access the network and steal data. They can also use them to gain access to other accounts, or to install ransomware or other malware. And they can resell this data to other cybercriminals to use in their own campaigns.
Phishing is one of the most widely used attack methods for data theft. To protect against it, it is recommended to activate multi-factor or two-factor authentication. The benefit of this measure is that it adds a layer of security to your accounts: even if the attacker has managed to obtain your login information, they will be blocked by an additional verification step.
If your password has been stolen, or if you have any doubts, it is essential to change it as soon as possible. From then on, preferably choose a password that is complex and difficult for a potential attacker to guess.