In a previous blog post, Malwarebytes researchers showed how fraudsters were leveraging features from the very company (Microsoft) they were impersonating.
Malwarebytes Labs continue this series with another clever trick abusing Canva, a popular online tool for graphic design. This time, the scammers registered an account on Canva to create a new design that, is in fact, a replica of the Canva home page. As victims come from a malicious ad, they land on this deceiving page that lures them into interacting with it. The result: as soon as you click on the image, your browser is hijacked with a fake Microsoft alert.
Read more…
Source: Malwarebytes Labs
Related:
- Germany launches terrorism probe over planned attack on Muslims
June 8, 2020
German authorities arrested a 21-year-old man and launched a terrorism investigation after he threatened to carry out an attack targeting Muslims, prosecutors said on Monday. The 21-year-old man from the northern city of Hildesheim made the threat in an anonymous online chat forum on May 29, announcing his intention to carry out an attack “with multiple ...
- New Avaddon Ransomware launches in massive smiley spam campaign
June 8, 2020
With a wink and a smile, the new Avaddon Ransomware has come alive in a massive spam campaign targeting users worldwide. Avaddon was launched at the beginning of this month and is actively recruiting hackers and malware distributors to spread the ransomware by any means possible. As its first known attack, the Avaddon Ransomware is being distributed in ...
- Hackers are targeting your smartphone as way into the company network
June 4, 2020
The number of phishing attacks targeting smartphones as the entry point for attempting to compromise enterprise networks has risen by more than a third over the course of just a few months. Analysis by cybersecurity company Lookout found that there’s been a 37% increase in mobile phishing attacks worldwide between the last three months of 2019 and the first ...
- Tycoon Ransomware Banks on Unusual Image File Tactic
June 4, 2020
A new ransomware strain called Tycoon is seeking to wheel and deal its way into the Windows and Linux worlds, using a little-known Java image format as part of its kill chain. The ransomware is housed in a trojanized version of the Java Runtime Environment (JRE), according to researchers at BlackBerry Cylance, and has been around ...
- U.S. Nuclear Contractor Hit with Maze Ransomware, Data Leaked
June 4, 2020
A U.S. military contractor involved in the maintenance of the country’s Minuteman III nuclear arsenal has been hit by the Maze ransomware, according to reports – with the hackers making off with reams of sensitive information. The company, Westech International, has a range of contracts with the military for everything from ongoing evaluation for the ballistic ...
- Lemon Duck Cryptominer Spreads through Covid-19 Themed Emails
June 3, 2020
Malware authors continue to take advantage of the coronavirus pandemic to propagate threats. In a recent related campaign, we have come across a PowerShell script (mailer script) that distributes the Lemon Duck cryptominer through a new propagation method: Covid-19-themed emails with weaponized attachments. These emails are delivered to all Microsoft Outlook contacts of the user of a ...