A New Phishing Attack – Account Deletion Countdown Initiated!

Cybercriminals use several techniques to target their victims. However, preying on the users’ “fear” seems to guarantee higher success rates when it comes to phishing attacks. When the victims are cornered in a state of urgency, they’re more likely to follow instructions – here’s where this new “Themed Phishing Attack” comes in place.

It all starts with an email informing the target that their account has encountered a suspicious login in a different location. That’s where everything goes south.

The main goal is to prompt the users to submit their credentials and harvesting them the moment they do. But why did we use the word “Themed”? What makes this phishing attack any different from those that prey on fear? Here’s what you need to know.

Themed Phishing Attack – Losing Your Account 3, 2, 1!

As we mentioned, phishing attacks with this kind of fear tactic are pretty common due to their high success rates. If there’s urgency, there’s immediate action to follow instructions.

And if any of them were told that something’s wrong with their account, rest assured they’re going to react on the spot. For example, a couple of months ago, a similar attack involved fake warnings signed by Zoho, informing victims that they have been utilizing copyrighted images.

This time around, the threat actors are using the same tactics, targeting their victims by taking advantage of their “fear” factor.

The Process

The attack starts with an email that warns the recipient of an irregular login attempt to their account from a location they haven’t used before.

And as with most phishing attacks, the threat actors provide a link within the email that they should click on to verify their email address. 

Cybersecurity researchers at Cofense discovered the campaign and laid down all the information about how the threat actors operate.

Now, here’s what differs in this attack. Apparently, the attackers borrowed some tactics from several ransomware gangs. When the users click on the link, they’ll head over to a page where they should submit their credentials.

However, they’ll find a countdown clock on the phishing site. The timer ticks down from an hour, which we all know will create some sense of urgency on the users’ end.

The page claims that if the user doesn’t validate their account within the provided time, it’ll be deleted on the spot.

Of course, the timer doesn’t reflect a real one. In fact, the attackers just designed it to make the victim panic and follow the instructions.

Usually, with other similar attacks, the following page states that the victims entered the wrong password. This one, however, shows that they’ve verified their account.

Whatever the case is, the result is the same. The attacker steals the username and password. Unfortunately, it won’t end here. As we’ve seen in the past, attackers can abuse legitimate login credentials in so many ways.

Themed Phishing Attack – A Countdown to Data Theft

Phishing attacks are evolving on a daily basis, and their numbers are increasing. This is huge as so many users are falling victim to such campaigns.

When it comes to phishing, the best way to secure yourself is to avoid clicking on the link within the email. That way, you won’t be tricked into entering your credentials and give the attackers what they want.