A new phishing campaign is packing a triple-threat attack in an effort to convince users to help the criminals in their credential-harvesting efforts.
The new campaign, reported on Jan. 21 by researchers at AppRiver, tells victims that their email accounts are infected with not one but three "deadly viruses" and will be shut down for security reasons if they don't immediately respond.
Those who do are taken to a hacked WordPress site chock-full of code that asks for credentials and stores them away in the attacker's vaults if provided.
The true danger? "These generic style of credential gathering attacks are often used in follow-up attacks that are customized and typically financially-themed spearphishing such as Business Email Compromise (BEC) attacks," according to AppRiver's David Pickett. reporting blog states, is that,
Read more here.