Attackers Use Fake Chatbot To Launch Phishing Attacks On Users

Share post:

Cybercriminals use a fake chatbot via phishing to target unsuspecting victims with malware, according to a new report by Trustwave.

The attack starts with a phishing email pretending to be from DHL. The email content mentions package delivery problems while promoting users to click on a link.

The link directs the victims to a downloadable PDF file, which shows content impersonating DHL. The file tells users that a shipment has been redirected, and to resolve the issue, they must click on another link.

After clicking on the second link, the users are taken to a chatbox-like page. There, some bot messages are displayed asking for confirmation of parcel delivery. There is only Yes/No option. After clicking on the Yes option, the users are asked to enter their e-mail credentials and confirm a Captcha.

In the final phase of the attack, users are asked to enter their credit card details to pay for parcel delivery.

To protect against this form of phishing attacks, users are advised to carefully check each email before clicking on embedded links.

They are also recommended to use email protection solutions to detect phishing campaigns and suspicious emails.

The sources for this piece include an article in TechRepublic.



Related articles

Microsoft to block emails from “Persistently Vulnerable Exchange Servers”

Microsoft has announced a new security feature for Exchange Online that will gradually throttle and eventually block emails...

Pinduoduo removed from Google Play Store after cyberattack

According to security researchers at Lookout, Pinduoduo has been involved in a complex malware attack through its application,...

Twitter source code leaked, demands GitHub reveal who posted it there

New York Times says the code posted on GitHub had been there for months. raising securit

Okta’s login flaw exposes users to attack, says Mitiga

According to Mitiga, Okta's login system contains a simple error that could expose its users to future attacks. Users...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways