The motivation behind phishing attack that struck the Indian IT consultancy firm Wipro in April may surprisingly be gift card fraud, according to a new Flashpoint report.
Flashpoint researchers Jason Reaves, Joshua Platt and Allison Nixon said the far-ranging attack that hit dozens of Wipro employees gave the malicious actors access to more than 100 of the company’s computers. In the end, the aim was to obtain the usernames and passwords of encrypted email accounts in order to obtain access to portals managing the account-holders' gift card and rewards programs, the blog said.
What was done with the stolen credentials is unknown.
Please register to continue.
Already registered? Log in.
Once you register, you'll receive:
The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.
Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.
SC Media’s essential morning briefing for cybersecurity professionals.
One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.