They warn of a phishing campaign that steals data from the Free Market – El Ciudadano y la Región



[ad_1]

Computer security experts have denounced the circulation of a new phishing campaign – a type of virtual deception – with e-mails that arrive from the violated domain of a local company and direct them to fake Mercado Libre sites to steal the personal data of the victims.

The e-mails come from a ".com.ar" address, "which means that there is a violated domain: that the criminal was able to enter the server of this company and began to send e-mails" from there, explained to Telam Cristian Borghello , director of Segu-Info.

The expert avoided informing which company is involved not to interfere in the investigation carried out by the Specialized Prosecutor in Cibercrime, where he made the denunciation, although he specified that this campaign has common aspects and others unpublished in the country.

The e-mail message that arrives at the victims says: "Dear user, We have detected a large number of irregularities in your movements, so we have decided to suspend your account, so that you can recover access to it, you must confirm your identity. identity here. "

According to Borghello, one particularity of this campaign is that, in addition to the ".com.ar" domain being violated, use "a .com" domain registered three days ago. "

"Something special, that I had never seen in Argentina, is that the link that is where the message says" click here "points to TrendMicro, an antivirus company, so these emails ignore the antispam filters "the expert warned.

After clicking on this link, the attacker asks to enter the password and personal data of Mercado Libre, which he then steals.

The campaign "is very widespread," said Borghello, "although it is impossible to know whether thousands or hundreds of thousands" were the emails that have been sent so far.

Computer security experts have denounced the circulation of a new phishing campaign – a type of virtual deception – with e-mails that arrive from the violated domain of a local company and direct them to fake Mercado Libre sites to steal the personal data of the victims.

The e-mails come from a ".com.ar" address, "which means that there is a violated domain: that the criminal was able to enter the server of this company and began to send e-mails" from there, explained to Telam Cristian Borghello , director of Segu-Info.

The expert avoided informing which company is involved not to interfere in the investigation carried out by the Specialized Prosecutor in Cibercrime, where he made the denunciation, although he specified that this campaign has common aspects and others unpublished in the country.

The e-mail message that arrives at the victims says: "Dear user, We have detected a large number of irregularities in your movements, so we have decided to suspend your account, so that you can recover access to it, you must confirm your identity. identity here. "

According to Borghello, one particularity of this campaign is that, in addition to the ".com.ar" domain being violated, use "a .com" domain registered three days ago. "

"Something special, that I had never seen in Argentina, is that the link that is where the message says" click here "points to TrendMicro, an antivirus company, so these emails ignore the antispam filters "the expert warned.

After clicking on this link, the attacker asks to enter the password and personal data of Mercado Libre, which he then steals.

The campaign "is very widespread," said Borghello, "although it is impossible to know whether thousands or hundreds of thousands" were the emails that have been sent so far.

Phishing was the most widely used type of cyber attack in the world in 2018, and traditional propagation routes – such as e-mail – were accompanied by messaging applications with which attackers could reach more potential victims.

[ad_2]

Source link