Interactive chatbots are being used in phishing attacks in an effort to increase victim confidence, while reducing their attention, according to SecurityWeek.
A report from Trustwave SpiderLabs revealed that threat actors behind the scheme have been leveraging failed DHL deliveries as a lure, with victims prompted to click buttons that would help fix their deliveries.
However, clicking the button would redirect victims to a separate website triggering the phishing chain that involves the use of a chatbot for personal data gathering. Continued engagement with the chatbot is ensured with photos of the damaged package, while a fake CAPTCHA is also generated to establish increased confidence.
The subsequent steps involve the collection of an unspecified password, as well as bank card information. However, researchers found that the phishers request an OTP verification code even though they have not yet asked for victims' mobile numbers.
"Reading through the lines and with my experience, what this tells me is that this was a campaign first used for other purposes," said SpiderLabs Threat Intelligence Manager Karl Sigler.