image
The speed with which phishers are able to adapt to new messaging based on the latest headlines is accelerating, according to the Proofpoint Threat Research Team, which was able to track backend data from a recent voter-registration scam to uncover just how quickly cybercriminals can pivot to capitalize on current events. It turns out, all it takes to launch a potent phishing scam is a new wrapper. “The range of information credential-phishing themes — PayPal, COVID-19, voting — illustrate how actors often simply pivot from one theme to the next, all while using similar (often the same) infrastructure and backend functionality,” Sherrod DeGrippo, senior director of threat research and detection for Proofpoint, told Threatpost. “It’s clear that threat actors are continuing to try and reach as many intended recipients as possible by capitalizing on a popular topic. We’ve seen throughout the global COVID-19 situation that threat actors are able to adjust quickly to timely news and current events.” A recent voter registration scheme, first discovered by KnowBe4, sent emails out telling voters their registration information was incomplete. The logos in the communications were from the U.S. Election Assistance Commission (EAC), leading them to a fraudulent page asking them for their personal data. Tracking Phishing Kit Data By tracking data from phishing kits, which are easy, one-stop packages for phishing, the Proofpoint Threat Research Team found a trail of scams, all connected…

Source