Live Chat With A Cybercrook! Popup Talk Latest Scam
Phishers have always counted on volume and automation to generate revenues: scam mails by the millions, proliferating malware links, a deluge of devious and deceptive tools designed to grab info from the unsuspecting. Now they're using chat to pluck their pigeons one-on-one.
Phishers have always counted on volume and automation to generate revenues: scam mails by the millions, proliferating malware links, a deluge of devious and deceptive tools designed to grab info from the unsuspecting. Now they're using chat to pluck their pigeons one-on-one.Can we talk?
That's the message some online banking scammers are trying out with a new approach known as chat-in-the-middle.
Works like this:
A piece of phishing mail designed to look like a legit piece from a bank goes out.
Unwary customers of that bank click the link, and go to the phony banking site the phishers have set up.
Once there, a chat window window pops up and the crooks draw their mark into a supposedly legitimate online conversation about fraud prevention, drawing out more and more information as they do so.
So far, accoridng to a posting on RSA's FraudAction Research Lab blog , the chat attacks are aimed at a single, so far unnamed, financial institution.
Small comfort there: This latest approach, like the recent inline popup banking scams the phishers tried, is best thought of as test marketing.
If it works, the technique will undoubtedly spread, although because this one requires human input from the crooks as well as the marks, there may be a limit to how far it spreads or how much it has to make to offset the labor and time costs it carries.
About the Author
You May Also Like
DevSecOps/AWS
Oct 17, 2024Social Engineering: New Tricks, New Threats, New Defenses
Oct 23, 202410 Emerging Vulnerabilities Every Enterprise Should Know
Oct 30, 2024Simplify Data Security with Automation
Oct 31, 2024Unleashing AI to Assess Cyber Security Risk
Nov 12, 2024