Researchers at the Cofense Phishing Defense Center (PDC) have been able to dig further into the addressing characteristics of one of the phishing attempt that used Verizon's multimedia messaging service - Vzwpix – employing Cofense Vision. Verizon's Vzwpix is a genuine multimedia messaging service. It allows users to send emails from mobile phones, which often include the sender's contact number. Fraudsters exploit the popularity of this service by faking an original email address via spoofing. Cyber attackers could use these services to mass deliver SMS that comes from a mobile number but does not include the sender's name and identity. If somehow the recipient does not recognize the mobile number, then they might be left speculating who had sent these emails. Hundreds of complaints about Verizon's Vzwpix service domain have been obtained by the Cofense PDC over the last week. A majority of these messages would be texts or pictures, but investigators are continuously on the lookout for potential risks. Malicious actors used Vzwpix to target potential audiences in a range of sectors throughout the last week. According to Cofense PDC, the message received by the users were all in plain text and without any formatting or pictures. It leads to a new voicemail and employs a monetary enticement via ACH transfers.The link is provided as plain text, informing users of where they will be redirected. It was smart enough to avoid the first assessment from the secure email gateway (SEG) by employing a valid survey application; nevertheless, certain SEGs would've been able to verify the content of the survey via link click. The cyber attackers employed Alchemer, a survey form generator that makes it very convenient to design ..
Support the originator by clicking the read the rest link below.
