Credential phishing scams are not new in the cyber-attack landscape. Threat actors regularly come up with innovative techniques and ideas for conducting such scams, which are better at luring victims into giving up their sensitive information and credentials. An exceptional case of a credential scam was discovered in which the threat actors targeted PayPal.
The Attack-
The attack starts with a phishing email that looks almost identical to a legitimate email from PayPal. It asks the user to start a live chat about a notice related to the service, or includes a linked guide on how to verify a PayPal account. The email is carefully crafted to look legitimate, and it also carries the links that are usually found in genuine emails. Although the actors made the email very close to the original, they made no effort to hide the “from” address, which was a different email address with no relation to PayPal's.
If the user clicks the link in the email that claims to open a live chat, a fake live chat opens, and the attackers use automated scripts to hold a conversation with the victim. During this conversation, the attackers attempt to steal sensitive information such as the user's email address, phone numbers, and credit card information.
The X factor-
Credential phishing scams do not stop at the conventional channels of phone calls, emails or SMS. They can take any form, such as fake login or sign-up pages, forms, etc. They are made to look so legitimate that they can be identified as malicious only after checking features such as the headers and the provided links.
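The header and link checks described above, as an added Python example that is not part of the original article: it flags a mail that claims to be from PayPal when the “from” domain or any link host falls outside an allow-list. The allow-list, the sample message and its `.example` domains are constructed assumptions.

```python
import re
from email import message_from_string, policy
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumption: the defender maintains the brand's legitimate sending/link domains.
BRAND = "paypal"
ALLOWED = {"paypal.com"}

# Constructed sample message (reserved .example domains), not a real capture.
SAMPLE = """\
From: "PayPal Service" <notice@billing-desk.example>
To: user@corp.example
Subject: Notice about your PayPal service
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"

<p>Please <a href="https://paypal.com.live-chat.example/start">start a live chat</a>.</p>
<p><a href="https://www.paypal.com/help">Help</a> |
<a href="https://chat.billing-desk.example/c">Contact</a></p>
"""

def on_brand(host):
    """True only if host is an allowed domain or a subdomain of one."""
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in ALLOWED)

def check_email(raw):
    """Return findings for a brand-claiming mail: sender and link mismatches."""
    msg = message_from_string(raw, policy=policy.default)
    display, addr = parseaddr(str(msg.get("From", "")))
    findings = []
    claims = BRAND in display.lower() or BRAND in str(msg.get("Subject", "")).lower()
    from_domain = addr.rpartition("@")[2].lower()
    if claims and not on_brand(from_domain):
        findings.append(("from-mismatch", from_domain))
    body = msg.get_body(preferencelist=("html", "plain"))
    text = body.get_content() if body else ""
    # A host that merely starts with "paypal.com." is still off-brand.
    for href in re.findall(r'href\s*=\s*["\']([^"\']+)', text, re.I):
        host = urlparse(href).hostname
        if not on_brand(host):
            findings.append(("off-brand-link", host))
    return findings

if __name__ == "__main__":
    for kind, value in check_email(SAMPLE):
        print(kind, value)
```

The genuine `www.paypal.com` link in the sample passes, which mirrors the article's point that legitimate links are mixed in to make the mail look authentic.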
Conclusion-
Employees of an organization should be given proper training in how to prevent such attacks. Users should check the headers and try to identify fake links to avoid becoming a victim of email scams. It is a really dangerous issue that attackers are able to bypass email gateways that have a lot of security. It is up to individuals to keep themselves safe from such attacks.