
In this campaign, the user is encouraged to call a phone number attached to the invoice, and the hackers will then try to convince them to pay the balance using social engineering techniques and manipulation, enabling credit card details to be stolen.

It is known as a “double spear” attack, as criminals can steal credentials and demand payments from victims.

It is popular with hackers because it utilises websites already on the ‘Allow Lists’ of most email services, Avanan’s researchers say. The goal for cybercriminals using the Static Expressway technique is to get through the email security and place the message in a user’s inbox – then have them make a phone call to the hacker’s number.

How PayPal and QuickBooks email scams operate
Known as Static Expressway, the technique allows the hackers to leverage legitimate websites to get into the inbox, steal credentials and trick people out of money, and mirrors a similar type of phishing attack discovered last month involving accountancy software provider QuickBooks. Invoices are sent from the PayPal domain, bypassing spam filters, and contain fake company phone numbers to call to query the payment. It reflects the increasingly sophisticated tactics criminals are using to impersonate businesses and steal credentials and credit card details.

Fake invoices are being sent within PayPal with a request for payment. The email body is adapted to spoof brands like Norton, and the message is then sent from the PayPal domain so that it bypasses server security checks, according to analysts from enterprise email security firm Avanan.
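A triage heuristic for the pattern described above, as an added example that is not from Avanan or the original article: because the sender domain is genuine, the check looks at the body instead, flagging mail from an allow-listed domain that names a different brand and asks the reader to phone a number. The domain-to-brand mapping, brand list, phone pattern and sample messages are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumptions for this sketch: allow-listed sender domains mapped to the brand
# each may speak for, and the brand names worth watching for in invoice text.
SENDER_BRANDS = {"paypal.com": {"paypal"}}
WATCHED_BRANDS = {"norton", "paypal", "quickbooks"}
PHONE_RE = re.compile(r"\+?\d[\d ().-]{8,}\d")  # loose callback-number pattern

def callback_phish_signals(raw):
    """Return body-level signals for mail from an allow-listed sender domain."""
    msg = message_from_string(raw)
    domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    owner = next((d for d in SENDER_BRANDS
                  if domain == d or domain.endswith("." + d)), None)
    if owner is None:
        return []  # not allow-listed, so ordinary filtering already applies
    body = "".join(p.get_payload(decode=True).decode("utf-8", "replace")
                   for p in msg.walk() if not p.is_multipart()).lower()
    signals = []
    # A brand in the body that the sending platform does not speak for.
    for brand in sorted(WATCHED_BRANDS - SENDER_BRANDS[owner]):
        if re.search(r"\b%s\b" % re.escape(brand), body):
            signals.append("foreign-brand:" + brand)
    # A phone number the reader is pushed to call instead of a link.
    if PHONE_RE.search(body):
        signals.append("callback-number")
    return signals

def should_quarantine(raw):
    """Hold the message for review only when both signals are present."""
    s = callback_phish_signals(raw)
    return "callback-number" in s and any(x.startswith("foreign-brand:") for x in s)

# Constructed sample messages (not real mail).
SUSPECT = ("From: service@paypal.com\nSubject: Invoice\n\n"
           "Invoice from Norton Security. USD 349.99 is due today.\n"
           "To dispute this charge call +1 (555) 010-0199.\n")
BENIGN = ("From: service@paypal.com\nSubject: Receipt\n\n"
          "You sent $20.00 USD to a friend.\n"
          "View the details in your PayPal account.\n")
OTHER = SUSPECT.replace("service@paypal.com", "billing@example.org")

if __name__ == "__main__":
    for name, raw in (("suspect", SUSPECT), ("benign", BENIGN), ("other", OTHER)):
        print(name, callback_phish_signals(raw), should_quarantine(raw))
```

The phone pattern is deliberately loose and will also match other long digit runs, so treat a hit as a reason for review rather than a verdict.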

Scammers are setting up real accounts with payments platform PayPal to send out phishing emails that bypass security software and appear more realistic to their victims, researchers have discovered.
