Security researchers at Cofense have uncovered a new spear-phishing campaign that spoofs messages from the UK's largest mobile phone network in an attempt to steal personal information.
The campaign appears to largely target the login and payment details of corporate executives, which could give hackers access to lucrative business networks.
The emails detected by the Cofense Phishing Center used official EE imagery, luring victims with the subject line “View Bill -Error”. The message reported that there had been an issue with the customer's payment, urging them to update their details with EE.
However, clicking on the hyperlink included in the email (pictured below) takes the victim to a phishing page. Although this fake page sports a supposedly secure HTTPS URL, this looks to be down to the hackers obtaining SSL certificates to make the site look legitimate.
After completing the form on the fake site, which in the process sends this information to the criminals, the user is then redirected to the actual EE login site, making them think their session may have timed out, or their password was typed incorrectly.
Cofense notes that users can often spot phishing emails due to errors and shortcomings in the messages, despite the use of legitimate-seeming design. The team notes that in this example, EE’s trademark and company name are not included in any part of the full email address, which instead comes from a completely separate domain.
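The sender-domain check Cofense describes can be automated at the mail gateway or in a triage script. The following is an added example, not code from Cofense or from the original article; the `BRAND_DOMAINS` allow-list, the function names and the sample message (including its placeholder sender domain) are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumption: domains the brand legitimately sends from. Confirm this list
# against the brand's own published sending domains before relying on it.
BRAND_DOMAINS = {"EE": {"ee.co.uk"}}

# Constructed sample: brand in the display name, unrelated sender domain.
SAMPLE = """\
From: EE <billing@mail-notice.example>
To: exec@corp.example
Subject: View Bill -Error

There has been an issue with your payment. Please update your details.
"""

def domain_matches(domain, allowed):
    """True only for an allowed domain or a real subdomain of one.

    Suffix matching on a dot boundary rejects lookalikes such as
    'ee.co.uk.mail-notice.example', which merely contain the brand domain.
    """
    return any(domain == d or domain.endswith("." + d) for d in allowed)

def brand_mismatches(raw, brands=BRAND_DOMAINS):
    """Return (brand, sender_domain) pairs where the From display name
    claims a brand but the address domain is not one of its domains."""
    msg = message_from_string(raw)
    display, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower().rstrip(".")
    findings = []
    for brand, allowed in brands.items():
        # Whole-word match so "EE" does not fire on "Employee".
        claimed = re.search(rf"\b{re.escape(brand)}\b", display, re.IGNORECASE)
        if claimed and not domain_matches(domain, allowed):
            findings.append((brand, domain))
    return findings

if __name__ == "__main__":
    for brand, domain in brand_mismatches(SAMPLE):
        print(f"display name claims {brand} but sender domain is {domain}")
```

A match here is a reason to quarantine or flag the message for review; it complements, rather than replaces, SPF, DKIM and DMARC evaluation.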
Having an updated and thorough cybersecurity platform is also vital in protecting users from threats, as the page still seems to be live and active now.