JP Morgan Targeted In New Phishing Campaign
Double-whammy 'Smash and Grab' hits targets with two ways to steal credentials.
Corporate email provider Proofpoint discovered a new phishing campaign, this week, aimed at customers of JP Morgan Chase & Co.
The campaign has been dubbed "Smash and Grab" because it combines two methods of obtaining access credentials.
It uses social engineering tactics to try to persuade users to part with their JP Morgan credentials, specifically, by asking them to click to view a secure message from the bank. It also infects the target with Dyre, a banking Trojan that lifts login data for other places too.
The attack appears to have been launched on Tuesday. Proofpoint saw roughly 150,000 of the phishing emails that day.
About the Author(s)
You May Also Like
Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024Where and Why Threat Intelligence Makes Sense for Your Enterprise Security Strategy
May 15, 2024Safeguarding Political Campaigns: Defending Against Mass Phishing Attacks
May 16, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024