Clicking the HTML file opens the first layer redirect page on the user’s browser, landing eventually on the phishing site where threat actors behind this will be able to steal entered information. An image of the phishing page can be seen below.
We’ve detected more than 13,000 phishing emails related to this attack from July 22 and August 8, which is a sign that this is an ongoing campaign. Our detection data also indicates around three campaigns using this method may have been launched from the end of July to the present.
Campaigns like this show that while phishing is an old, well-known tactic, it's still a go-to method for cybercriminals. Reports from the past few months show how phishing continues to be used to target specific industries or spread malware. Users can avoid phishing attacks by being aware of its indicators and vigilant when online, especially when dealing with sensitive or financial information.
To help defend against these kinds of cyberattack Trend Micro™ InterScan™ Messaging Security stops email threats with global threat intelligence, protects your data with data loss prevention and encryption, and identifies targeted email attacks, ransomware, and APTs as part of the Trend Micro Network Defense Solution. Its enhanced web reputation blocks emails with malicious URLs in the message body or in attachments, and it is powered by the Trend Micro™ Smart Protection Network™.
Additional insights by Loseway Lu and Marshall Chen
Like it? Add this infographic to your site:
1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).
Image will appear the same size as you see above.