The Weekly Top 3 are the three most relevant news stories for the week that are related to phishing scams and activities reported in the media, security blogs and security magazines on the Internet. This week, we look at phishing activities related to American Express, NAB and Fancy Bears...again.
The customers of American Express have been the victim of a phishing campaign with a new twist. The phishing e-mails being used by scammers contain a promise to the receiver that they would be given an identity theft and phishing prevention tool. The e-mail disguises itself as a legitimate program called SafeKey by American Express. This program is used by American Express to add an extra layer of security for their customers. However, scammers are using phishing e-mails with malicious links to forward American Express customers to fake websites that collect their personal and financial information. Click Here to Read More.
The customers of National Australian Bank were being targeted in a new phishing scam. The phishing e-mail being sent to customers requested that their account with NAB required "additional verification". However, the e-mail was designed to trick them into opening a malicious attachment. Scammers tricked the users by stating in the e-mail that their accounts with NAB would be suspended, if they did not comply. Once the victim opened the attachment, they were presented with a webpage that was used to steal their login credentials. Click Here to Read More.
Following up from a previous week's report, the Fancy Bear hacking group leaked information taken from the World Anti-Doping Agency (WDA). The leaked information contained the medical files of two US athletes, who recently competed in the Rio 2016 Olympics. Both Serena Williams and Simone Biles personal medical information were released by the hackers as an attempt to discredit the WDA. The hackers released information detailing "Therapeutic Use Exemptions". Where both athletes informed WDA that they were taking banned substances, but were verified for their medical needs. The hackers claimed that this was "licensed doping" by the athletes, but other Sport authorities have stated that this is a normal practice. Click Here to Read More.