Researchers at email security firm Mimecast have uncovered a new flight refund scam that attempts to exploit the ongoing Coronavirus outbreak.
The campaign is simple as effective, scammers attempt to target individuals that are waiting for refunds from airlines that deleted the flights due to Coronavirus shutdown.
The malspam messages include a fake flight refund form and instruct targets to fill them providing their names and credit card details. Using this trick, cybercriminals could collect personal and financial information and use them to carry out a broad range of malicious activities. Data gathered with this fraud scheme could be also offered for sale on the Dark Web.
Below an email Mimecast has shared with El Reg, the campaign was discovered as part of routine monitoring.
“Because there’s so much talk in the media about flight cancellations and refunds, criminals have switched those kind of tactics to phishing emails,” Kiri Addison, Mimecast head data scientist for threat intelligence & overwatch, told El Ref.
“They can see all the personal information: phone numbers, email addresses, credit card payment card details, anything they can use themselves, anything they can sell on the dark web. [It’s] stuff they can use for future phishing attacks too.”
Operators behind malspam campaigns always attempt to exploit the interest of the people on specific topics, and the Coronavirus outbreak represents an exceptional opportunity for scammers.
Recently, many security firms have reported numerous Coronavirus-themed attacks.
Experts pointed out that victims of this kind of attack could fall for similar scams in the future.
[adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – flight scam, Coronavirus)
[adrotate banner=”5″]
[adrotate banner=”13″]
BlackBerry reported that the financially motivated group FIN7 targeted the IT department of a large…
An international law enforcement operation led to the disruption of the prominent phishing-as-a-service platform LabHost.…
Russia-linked APT Sandworm employed a previously undocumented backdoor called Kapeka in attacks against Eastern Europe since…
Cisco has addressed a high-severity vulnerability in its Integrated Management Controller (IMC) for which publicly…
Threat actors are exploiting the CVE-2023-22518 flaw in Atlassian servers to deploy a Linux variant of…
Ivanti addressed two critical vulnerabilities in its Avalanche mobile device management (MDM) solution, that can…
This website uses cookies.