Top cyber security experts have discovered an extensive phishing campaign targeting the Middle East, in which the cyber thugs involved impersonate officials of the UAE government’s Human Resources Ministry.
The new threat targets numerous government and corporate entities in the banking, travel, healthcare, legal, oil and gas, and consulting industries, according to researchers at leading cyber security firm CloudSEK.
The threat was discovered by the company’s artificial intelligence (AI) digital risk monitoring platform XVigil.
CloudSEK’s advisory stated that the actors developed a fake website that resembles a legitimate domain in order to defraud users.
After their investigation, the security experts found that this phishing attack is on a massive scale. The actors are mostly targeting individual job seekers and businesses, exposing them to 419 and BEC scams.
According to CloudSEK, the patterns in the email addresses used to register the domain names, together with the hosting infrastructure, suggest that a single threat actor or threat actor group is responsible for all of the phishing domains and websites.
In further investigations of the email addresses, they also discovered 43 domains which shared similar registrant information.
As part of their examination of the phoney domain, CloudSEK researchers found, through open-source intelligence (OSINT), several other domains that had been flagged as scams catering to job seekers on various websites.
According to the security experts, several threat actors can use the above-mentioned phishing attacks/projects to target specific users and obtain their passwords, personal information, documents, crypto wallets and other sensitive information.
To minimize these types of attacks, CloudSEK suggests that organizations and individuals avoid downloading suspicious documents from unknown sources or clicking on suspicious links.
The company also stated that on Windows systems everyone should enable file extension visibility, so that files with unknown extensions can be checked before they are downloaded onto the system.
CloudSEK also recommended using multi-factor authentication (MFA) and keeping antivirus software updated regularly.
(Source: the420.in)