JAKARTA - Global cybersecurity firm Kaspersky has discovered a new phishing scheme aimed at finance staff that uses Dropbox services to steal their credentials.
The scheme begins when the victim receives an email from a legitimate audit company. The email is sent from that company's genuine address, which was most likely hijacked by the attacker.
The email appears legitimate both to a human reader and to security software. It contains a full disclaimer about the sharing of classified information, said Kaspersky security expert Roman Dedenok.
In addition, the email contains no links or attachments and comes from a company address that is easy to look up, making it almost impossible for a spam filter to detect.
After this email, the attacker sends the victim an official Dropbox notification.
According to Kaspersky, if the victim is ready to respond to the initial message, they will most likely follow the link to review the document.
Clicking the link displays a blurred document with an authentication window over it.
The document acts as one big button: its entire surface is a malicious link.
After clicking, users see a form requesting their login and company password.
From here, the criminals obtain corporate account credentials.
So far, attacks of this kind are considered targeted, and Kaspersky experts continue to monitor them and investigate specific cases.
The English, Chinese, Japanese, Arabic, and French versions are generated automatically by AI, so the translation may still contain inaccuracies; please always refer to the Indonesian version as our main language. (system supported by DigitalSiber.id)