Do not use fear tactics telling people that their personal information was found 3x and you need to buy something to fix it. This tactic is synonymous with many phishing tactics... the same kind of tactics I cautioned people against when doing IT for a bank.
A TrojanSMS stealer called SMSEye is worth noting, as it has its own dedicated GitHub page, enabling other malicious actors to use it. The stealer initially emerged last quarter, with its second version appearing this quarter. Cyble reported that it was used to target an Indonesian bank through a phishing campaign to distribute the malware to users. SMSEye sends stolen SMS messages to a Telegram bot, in this case targeting user login credentials. Test versions of this malware have been observed featuring other bank and delivery service logos, suggesting the likelihood of more sophisticated uses for this stealer in the future.
Amidst the ever-changing threat landscape, new tactics, techniques, and procedures (TTPs) seem to emerge daily, creating extreme challenges for security teams. The broad range of attack methods utilized by attackers seems to present an insurmountable problem: how do you defend against a playbook that does not yet exist?
Figure 5 illustrates a themed phishing attack that has also been spotted in PDF attachments, which lure victims into downloading a ZIP file containing the Qakbot malware. The specific tactics and indicators of compromise can be found in the Appendix.