New Scams Alert
February 15, 2019
Tesco are warning customers not to fall vicitm to latest scam.
The text message, under the alias of supermarket giant Tesco, is targeting victims by using their name and car registration plates to ultimately cause damage and steal confidential information.
The message, which comprises of three names and three number plates, congratulates the “Tesco shoppers” and asks them to click on a link to confirm they have received the message. Tesco has not yet confirmed the origin of the message, but it has been confirmed as a scam, that is currently undergoing an investigation by the supermarket’s Phishing Team.
Victim’s Text Message
Other News, Dubious Emails Containing URLs with up to 1,000 Characters Have Been Raising Eyebrows
The following week a separate targeted phishing campaign, which claims your email has been blacklisted, due to several login failures and requires you to confirm your identity, was exposed.
Thanks to the campaign’s bizarre links containing almost 1,000 characters, it raised suspicions from the outset. The scam, as seen below, presents itself as your email domain’s support system and requests that you make another attempt to log-in or risk the account being terminated.
Once clicking on the link, you will be taken to a landing page with a login form customised specifically to your domain. According to Bleeping Computer, Derek from My Online Security noticed that URLs in the emails are “very long”, ranging from 400 characters to 1,000 characters.
The reason behind these extraordinary URL lengths is unknown, but according to an analysis of the URL by web site analysis service URLscan displays more than 1,100 phishing pages with multiple similarities, meaning they could be coming from the same phishing kit.
Mailbox users have been warned when receiving dubious emails, to draw their attention to the length of URLs and use this as a potential warning sign, when choosing whether or not to click on links or attachments provided within.
Check Out Our Other Recent P
Intentional or not, insider threats are on the rise. Don’t take the chance; gain a better understanding in our cyber security infographic.
Locking the Door Is No Longer Enough: Required Capabilities for Identity and Access Threat Prevention
In this blog, we will define the key requirements and capabilities of IATP solutions and the drivers they should support within an organisation.
Malicious actors continue to exploit Remote Desktop Protocol (RDP) to gain access to the target computers. Mitigate your exposure now.