Microsoft’s Windows Defender Security Intelligence Team of their cybersecurity experts discovered two new email based phishing campaigns this week. The first targets American Express users and the second one targets customers using Netflix.
Read on to know more about how the phishing campaigns affected the customers.
The Phishing Bait Campaigns
Reportedly, the phishing campaigns designed for both Amex and Netflix users are well-crafted. They feature legitimate looking logos and forms that look nearly the same on the respective company’s individual websites.
What the cybersecurity team does not know is if the campaigns are being orchestrated by the same group. The similarities between the two are that they were both launched a weekend before and both of them had a wide reach. The advice for all computer users from the Windows Defender Intelligence Team is nothing more than to be especially vigilant in the foreseeable future.
The Rise of Phishing Attacks
There has been an increase in frequency of phishing attacks. They are also getting more sophisticated with time. More than 20 percent of the email recipients of the phishing campaigns were convinced that the messages were legitimate. They ended up clicking on the redirecting links.
In the last year itself, the hike in phishing attacks was over 250%, according to Microsoft’s security experts.
The Personal Nature of the Phishing Attacks
Both the attacks on Amex as well as Netflix customers were extremely personal in nature. They both warned the users of issues with their account, which is usually a common tactic when it comes to phishing scams.
The Amex Attack
Amex customers received an email which was a “Notice Concerning Their Card Member Account”. The mail supposedly claimed that the users had to go through a reauthentication process due to security reasons.
The mail prompted the receivers of the message to download and fill out the attached form. According to reports, the form itself did not contain any virus. Instead, it asked for some really personal information. Some of the parameters that the users were asked to answer were:
- Mother’s maiden name
- Date of birth
- PIN for their card
- First elementary school
The Netflix Attack
When it comes to the Netflix attack, the phishers warn the application’s users that their account has been put on hold due to a problem with their previous payment. Then, similar to the Amex phishing attack, the prompt redirected the users to a Billing Information form that requested again, very personal information such as complete credit card numbers, the PIN for the card and Social Security numbers, among other personal details.
Subscribe to iTMunch for latest updates in the world of technology, human resources, marketing, finance, artificial intelligence and more.