The Weekly Top 3 are the three most relevant news stories for the week that are related to phishing scams reported in the media, security blogs and security magazines on the internet. This week, we look at phishing scams related to Chase Bank, Operation Pawn Storm and 82 Seconds.
Chase Bank reported that they received complaints from customers about e-mails concerning online payments. Further investigations proved that these e-mails were part of a phishing campaign targeting the bank's customers. The subject reads: 'Thank you for scheduling your online payments' and so far two versions of the e-mail have been identified. These phishing e-mails also contained attachments with the file names, 'payment.exe' and 'payment.zip', which are very likely to be malicious. Click the link below to read more.
Operation Pawn Storm was a campaign discovered by Trend Micro last year in 2014. It was believed to be conceived in 2007 for the purpose of gathering information. Since then, it has been revealed that this campaign targeted government, military and media institutions around the world with SEDNIT malware. However, recently three Youtube personalities have been targeted in GMail phishing attacks after they interviewed President Barrack Obama. Furthermore, European NATO members have also been targeted by this campaign. The phishing e-mails contained a malicious link that tricked the victim into downloading a HTML5 plugin, which was actually malware. Click the link below to read more.
They are not the Minute Men, but hackers are able to ensnare their victims in under two minutes. Verizon recently completed a study of 80,000 incidents that hit thousands of companies in 2014. They had concluded that there was 25% chance of companies opening a phishing e-mail. Further analysis proved that more than half of the victims clicked the link in a phishing e-mail within the first hour of it being sent. The report also highlights the importance of educating people on spotting a phishing e-mail because it would reduce the number of these attacks. Click the link below to read more.