BleepingComputer reports that thousands of Instagram users are being targeted in an ongoing phishing campaign that uses blue-badge offers as lures.
Attackers commenced the campaign on July 22, with more than 1,000 phishing messages sent on July 28 and Aug. 9, a report from Vade showed.
Instagram and Facebook logos were included in the phishing emails informing recipients regarding their blue badge eligibility. Individuals given the messages have been urged to click on an embedded link that would redirect to a submission form hosted on the "teamcorrectionbadges" domain in a bid to establish legitimacy.
Researchers observed a three-stage form used in the attack, which separately seek for users' username, name, email, phone number, and password. Completion of the process would prompt a verification message that also includes a fake case ID, researchers added. Combatting such scams requires increased awareness of Instagram's verification program, which only grants blue badges to celebrities, brands, and notable public figures who directly apply using the official platform.
Attackers have been leveraging the new "file archive in the browser" phishing technique that enables the creation of realistic phishing pages masquerading as legitimate file archive software, with hosting on a .ZIP domain further establishing the legitimacy of the scheme, reports The Hacker News.
BleepingComputer reports that recent phishing attacks by the QBot malware operation, also known as Qakbot, have involved the exploitation of a DLL hijacking flaw in the Windows 10 WordPad executable "write.exe."
Microsoft credentials targeted new phishing attacks with RPMSG files New phishing attacks involving compromised Microsoft 365 accounts and encrypted restricted permission message, or RPMSG, files, are being leveraged by threat actors to facilitate the stealthy exfiltration of Microsoft credentials, according to BleepingComputer.