GreatHorn’s Threat Intelligence team found that the rate of socially engineered business email compromise attacks using X-rated phishing lures rose by 974%, reports Threatpost.
Threat actors employing the phishing technique are going for “dynamite phishing,” which does not only intend to prey on users’ libido for clicks, but also uses shock value to prompt reckless clicks from the user, according to GreatHorn.
“It doesn’t always involve explicit material, but the goal is to put the user off balance, frightened — any excited emotional state — to decrease the brain’s ability to make rational decisions,” said the report.
The report also showed that malicious URLs included in the phishing emails perform malware downloads, redirect users to a phony dating site where they are lured to input payment data, and monitor users to conduct succeeding attacks, which could entail blackmail. Scammers’ email pass-through approach for victim tracking also allows automatic input of users’ email addresses on an unsubscribe field.