Fake supreme court subpoena phishing scam steals Office 365 credentials


The new phishing scam redirects users multiple times and also uses CAPTCHA before stealing credentials. 


Since the advent of phishing, many types of scams have existed, ranging from one-size-fits-all emails to targeted spear-phishing campaigns. One such type is the subpoena-themed email, in which the attacker, claiming to be an authority, tries to lure the victim into a trap.


These, although not so common, have occurred from time to time. One example dates to November last year, when malicious actors posing as the UK’s Ministry of Justice targeted users and tried to infect them with malware named “Predator the Thief.”




Similarly, just a couple of days ago, Armorblox, an email protection company, released a report on how threat actors are this time sending fake emails purportedly from the UK’s supreme court.

Here is a screenshot of the phishing email: 



Image: Armorblox



To evade regular security filters, the attackers send the email only to specific users instead of bulk-messaging, which ensures that it isn’t “caught in the bulk email filters of Exchange Online Protection (EOP).”


For the unacquainted, EOP is Microsoft’s own email protection service, aimed at removing malicious content from email messages and filtering spam. Theref ..
