After Anonymous hacktivists took down the official Brazilian websites of the Bradesco bank, a series of phishing emails were spotted in inboxes. It’s uncertain if the incidents are related, but users are advised to be on the lookout for any suspicious emails that seem to come from the bank.
Originating from the email address vicepresidente@cmnordeste.pt, the malicious emails target Portuguese speakers, urging them to update their Internet banking accounts as a result of a security update.
“We found that an update is pending in our system for your safety, we recommend reinstatement. For the update registration to become effective follow all the procedures required by Bradesco, so your data is updated quickly and easily,” reads a translation of the message.
Recipients are also warned that if they don’t apply the update, they will support the consequences.
Once the malicious link from the email is clicked, the user is redirected to a phony site, hosted on a Russian domain, which replicates a Bradesco webpage.
A form requests all the sensitive information required to later access the Internet banking account, including credit card number, CVV, and password.
Users who encounter such email are advised not to provide any information since legitimate financial institutions never ask for these details in such a manner. Also, the phony email should be reported to the bank.
In general, phishing scams are easy to identify by looking at some simple clues. One of the most important telltale elements is the site's address. If it’s anything other than the bank’s legitimate website, it clearly indicates that the user is targeted by a malicious campaign.
In this example, the shady form is hosted on a domain called segubanking3.hut4.ru, hut4.ru being a site that offers free hosting services.
Another sign is revealed by the fact that a security update is mentioned, this being one of the most common pretenses used by cybercriminals in phishing expeditions.
Originating from the email address vicepresidente@cmnordeste.pt, the malicious emails target Portuguese speakers, urging them to update their Internet banking accounts as a result of a security update.
“We found that an update is pending in our system for your safety, we recommend reinstatement. For the update registration to become effective follow all the procedures required by Bradesco, so your data is updated quickly and easily,” reads a translation of the message.
Recipients are also warned that if they don’t apply the update, they will support the consequences.
Once the malicious link from the email is clicked, the user is redirected to a phony site, hosted on a Russian domain, which replicates a Bradesco webpage.
A form requests all the sensitive information required to later access the Internet banking account, including credit card number, CVV, and password.
Users who encounter such email are advised not to provide any information since legitimate financial institutions never ask for these details in such a manner. Also, the phony email should be reported to the bank.
In general, phishing scams are easy to identify by looking at some simple clues. One of the most important telltale elements is the site's address. If it’s anything other than the bank’s legitimate website, it clearly indicates that the user is targeted by a malicious campaign.
In this example, the shady form is hosted on a domain called segubanking3.hut4.ru, hut4.ru being a site that offers free hosting services.
Another sign is revealed by the fact that a security update is mentioned, this being one of the most common pretenses used by cybercriminals in phishing expeditions.
news.softpedia.com
Niciun comentariu:
Trimiteți un comentariu