T + T – Normal size
In late August, Kaspersky experts discovered a phishing campaign using an unusual attack vector – an image. The scam wave targeted organizations in the online retail, distribution, transportation and logistics sectors. The cyberattackers’ goal was to steal corporate email credentials from potential victims..
In this type of phishing scam, cybercriminals send emails in English, claiming to represent a South Korean company. Pretending to be employees of the company, the criminals send emails saying they have instructed their banks to transfer funds. They attach a scanned copy of the alleged bank message to potential victims, asking them to review its details. As is common with such scams, the need to act quickly is emphasized, to ensure that payments are received as quickly as possible..
“The image in these phishing emails is not clear, which is what criminals rely on. Even if you are not expecting an email, you might be curious to open it and find out the details. But in fact, the image hides a phishing link. If users click on the scan button, they will be redirected to a fake link, which looks like a file-sharing service from Adobewhere they are asked to enter their company email account credentials in order to access the document. However, this should never be done, otherwise this information will find its way to cybercriminals.».