March 9, 2016
Symantec recently discovered a phishing site for Amazon.com which didn’t seem particularly noteworthy at first. However, looking at the HTML source revealed an interesting comment from the attacker. The following figure shows a “brag tag” that details the name of the scam, “Scama Amazon 2016,” along with the attacker’s name, website, and even a YouTube channel.
We see a huge variety of different phishing campaigns, everything from almost flippant phishing sites decorated with fish to sites using new, previously unseen AES encryption techniques. The “Scama Amazon” attack demonstrates another new wrinkle, with attackers promoting themselves within their own phishing attack.