“Account locked”, but the email was fake: what brand phishing is and how it works
[ad_1]
The email seems real, one of those that even Netflix could send, above all in this period of increased attention to user activity and how they use their passwords. Only it wasn’t a Netflix email – it was a phishing email. Indeed, a brand phishing email.
The message, as reported by the Israeli Check Point Software In the Brand Phishing Reports of the first quarter of 2023it appeared to actually come from Netflix and to make the deception even more effective it was sent from an address starting with the word “support” (picture below). The subject of the email, translated into Italian, sounds like “Update Required – Account Locked” and the message claimed that the recipient’s profile had been suspended due to failure to authorize payment for the next billing cycle.
The case
What are dark patterns and how did Donald Trump raise 4 million in 24 hours
by Emanuele Capone
The most used brands for brand phishing
Hence the invitation to renew the subscription, clicking on a link where the victim was supposed to enter new payment details. Not on the Netflix site as it might seem at first glance, but on a fraudulent site where the information would obviously have been stolen: “Criminal groups organize increasingly convincing phishing campaigns to induce the largest number of people to provide their personal data – reiterated Omer Dembinsky, Data group manager of Check Point Software – In some cases, the attacks are launched to steal payment detailsas seen here with a popular streaming service like Netflix.”
As always, “the best defense against phishing is awareness: company employees, as well as users, must have adequate knowledge to identify suspicious elements, such as poorly written addresses, typos, incorrect dates and other details that can reveal a malicious email or a dangerous link” . In cases like this, sometimes that’s enough hover the mouse pointer over the link, without clickingto realize from the preview of the address that one would not go to some page belonging to Netflix but to a completely different place.
Brand phishing works like this, as we told on Italian Tech on the occasion of Black Friday 2021: Criminals try to imitate the official website of a well-known brand by using a similar domain name or URL and especially a page design that looks like the authentic site. The link to the fake site can be sent to the targeted people via mail or text message, but the victim can also be redirected while browsing or through an app created for this. The goal is always the same: win people’s trust and get them to fill out a form intended to steal credentials, payment details or other personal information.
In the first 3 months of 2023, according to information gathered by Check Point Software analysts, the most reproduced brands for this they were: Walmart (which alone accounts for 16% of all phishing attacks worldwide), DHL and FedEx (respectively 13% and 4.9% of cases), Microsoft (12%), LinkedIn (6%), Google (4.8%), precisely Netflix (4%) and PayPal (3.5%).
@capoema
[ad_2]
Source link