Researchers recently discovered a large-scale phishing email operation that has been targeting primarily customers of Canadian banking chains since at least 2017.
The emails generally attempt to trick recipients into revealing their credentials on a phishing page that utilizes a lookalike domain and impersonates a log-in screen.
Researchers with Check Point Software Technologies uncovered the scam after coming across one such email impersonating the Toronto-based Royal Bank of Canada (RBC). An analysis of the email revealed a Ukrainian IP address that hosted more than 300 domains imitating RBC and other financial institutions.
“As it turns out, there were many more IP addresses on the same netblock… that were part of a massive infrastructure used to launch phishing attacks that attempt to steal banking credentials from Canadian victims,” said the blog post, adding that “we noticed an overlap with the infrastructure of a phishing attack targeting Canadian businesses reported back in 2017.”
Other financial organizations targeted in the operation included American Express, ATB Financial, BMO Bank of Montreal, CIBC Canadian Imperial Bank of Commerce, Coast Capital Savings, D ..
Support the originator by clicking the read the rest link below.
