The Weekly Top 3 are the three most relevant news stories for the week that are related to phishing scams and activities reported in the media, security blogs and security magazines on the Internet. This week, we look at phishing activities related to Apple, USAA and a very Fancy Bear.
A new Apple iTunes phishing scam had surfaced, earlier this week. Apple customers reported to receive phishing e-mails containing fake invoices. These invoices contained purchases from the iTunes, App Store or Netflix subscriptions. In the e-mails, the scammers claimed that the victim purchased these items/services from Apple. They requested that the victim click on a 'refund' link in the e-mail. When the link was clicked, the victim was forwarded to a fake Apple website. This website was used by the scammers steal credit card information. Click Here to read more.
Members of the United Services Automobile Association (USAA) were the target of a new phishing scam, earlier this week. Security experts found that USAA members were receiving e-mails from SPAM hosts. Upon further investigation, the researchers found that the phishing e-mails stated that either the member had a pending transaction or their account must be updated. The e-mail contained a link that fowarded the victim to a fake USAA website. This website was used to steal the USAA members' login information. Click Here to read more.
The World Anti-Doping Agency (WADA) was the target of a phishing campaign to steal login credentials. Security researchers beleive that an old Russian hacking group called 'Fancy Bear', was behind the phishing attacks. This hacking group was also responsible for the hacking of WADA's website, after its report on the 2014 Sochi Games doping scandal. The phishing e-mails were sent to both WADA and Court of Arbitration for Sport (CAS). These e-mails stated that WADA was requesting the login credentials for a datbase used by the officials. The e-mails contained a malicious link that forwarded the victim to a fake website operated by the hacking group. This website was used to steal the login credentials for the database. Click Here to read more.