In a previous blog post, Malwarebytes researchers showed how fraudsters were leveraging features from the very company (Microsoft) they were impersonating.
Malwarebytes Labs continue this series with another clever trick abusing Canva, a popular online tool for graphic design. This time, the scammers registered an account on Canva to create a new design that, is in fact, a replica of the Canva home page. As victims come from a malicious ad, they land on this deceiving page that lures them into interacting with it. The result: as soon as you click on the image, your browser is hijacked with a fake Microsoft alert.
Read more…
Source: Malwarebytes Labs
Related:
- Dharma RaaS is ‘targeting and menacing’ SMBs
August 17, 2020
Dharma ransomware as-a-service (RaaS), which is among the world’s most popular, is being used predominantly to target small and medium-sized businesses (SMBs), according to a new report from Sophos. Offers as a service, Dharma ransomware is available to whoever is willing to pay for its use. User groups (called affiliates) rely “almost entirely” on a menu-driven ...
- Nigeria: Military Personnel Arrested For Cybercrime In Lagos
August 17, 2020
Lance Corporal Ajayi Kayode, a serving military personnel in Lagos State, has been arrested for alleged Internet fraud. Kayode was arrested in the Lekki axis of the state by operatives of the Economic and Financial Crimes Commission. The soldier, who was arrested alongside 26 others, said he was still learning “yahoo yahoo” (Internet fraud) from his friends ...
- World’s largest cruise line operator Carnival hit by ransomware
August 17, 2020
Cruise line operator Carnival Corporation has disclosed that one of their brands suffered a ransomware attack over the past weekend. Carnival Corporation is the largest cruise operator in the world with over 150,000 employees and 13 million guests annually. The cruise line operates under the brands Carnival Cruise Line, Costa, P&O Australia, P&O Cruises, Princess Cruises, ...
- ‘EmoCrash’ Exploit Stoppered Emotet For 6 Months
August 17, 2020
A researcher was able to exploit a vulnerability in Emotet – effectively causing the infamous malware to crash and preventing it from infecting systems for six months. Emotet, which first emerged in 2014 and has since then evolved into a full fledged botnet that’s designed to steal account credentials and download further malware, mysteriously disappeared from ...
- Ritz London suspects data breach, fraudsters pose as staff in credit card data scam
August 17, 2020
The Ritz Hotel in London has launched an investigation into a data breach in which scammers may have posed as staff members to steal credit card data. In a series of messages posted to Twitter dated August 15, the luxury hotel chain said that on August 12, the company was made aware of a “potential data ...
- Business technology giant Konica Minolta hit by new ransomware
August 16, 2020
Business technology giant Konica Minolta was hit with a ransomware attack at the end of July that impacted services for almost a week, BleepingComputer has learned. Konica Minolta is a Japanese multinational business technology giant with almost 44,000 employees and over $9 billion in revenue for 2019. Read more… Source: Bleeping Computer