Hackers are using a clever new phishing technique to create email threads with multiple responses to trick potential victims into thinking bogus messages are legitimate.
The cybersecurity firm Proofpoint has identified the group deploying these so-called “multi-persona impersonation” emails as TA453. The company previously linked TA453 to Iran and says their activities overlap with other groups called Charming Kitten, Phosphorous and APT42.
Proofpoint said Tuesday that it noticed a recent uptick in these types of phishing emails in late June, when the attackers posing as a researcher in one email referenced another researcher who then replied to the thread.
The tactic is designed to create a stronger impression that the activity is real, the researchers said, by employing a psychological phenomenon known as “social proof.” Sometimes referred to as “herd mentality,” the idea is that people are more likely to engage if they see others doing it, too.
The research lands amid a flurry of developments related to other Iranian cyberattacks. Last week, for instance, cybersecurity firm Mandiant classified a range of Iranian-linked hacking activity dating back several years under one threat umbrella dubbed APT42. The same day, Albania announced it was severing diplomatic ties with Iran ..
Support the originator by clicking the read the rest link below.
