Phishing attacks are now using automated chatbots to guide visitors through the process of handing over their login credentials to threat actors.
This approach automates the process for attackers and gives a sense of legitimacy to visitors of the malicious sites, as chatbots are commonly found on websites for legitimate brands.
Researchers have shared that cybercriminals have recently been using a sophisticated phishing scheme:
- Hackers send the potential victim a legitimate-looking email saying there was an issue with a delivery. Because of Covid, shopping online has become routine and many of us are waiting for parcels to arrive.
- The victim is asked to follow the instructions in a PDF file attached to the email in order to resolve the issue.
- The PDF file contains some additional instructions and, most importantly, a link to a chatbot that promises to help manage the delivery.
- The chatbot guides the user in the most general, yet efficient, way. It says that, due to delivery issues, the recipient (victim) has to cover some minor additional costs, and it leads to a payment page.
- The payment page looks very legitimate and is even said to support 3D Secure, meaning that one-time SMS messages are sent to “confirm the payment”.
After this, the cybercriminals have not only all of the victim’s data, but also the credit card details and all of the victim’s money on the card.
The Kaduu team encourages you to keep this example in mind and stay vigilant against phishing.
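A mail-gateway triage check for the first two stages of the chain described above (a delivery-themed email whose PDF attachment carries the onward link), as an added example that is not from the researchers or from Kaduu. The keyword list, the function names and the sample message with its `example.invalid` addresses are constructed assumptions.

```python
import re
from email import message_from_bytes, policy
from email.message import EmailMessage

# Delivery-themed wording; this keyword list is an assumption for illustration.
LURE = re.compile(r"\b(delivery|parcel|package|shipment)\b", re.I)
# A PDF link annotation stores its target as "/URI (...)".
PDF_URI = re.compile(rb"/URI\s*\(([^)]*)\)")

def pdf_links(data: bytes) -> list[str]:
    """Return link targets found in uncompressed PDF objects only."""
    return [m.decode("latin-1") for m in PDF_URI.findall(data)]

def triage(raw: bytes) -> dict:
    """Flag mail that pairs a delivery lure with a PDF carrying a link."""
    msg = message_from_bytes(raw, policy=policy.default)
    body = msg.get_body(preferencelist=("plain", "html"))
    text = (msg["Subject"] or "") + "\n" + (body.get_content() if body else "")
    links = []
    for part in msg.iter_attachments():
        data = part.get_payload(decode=True) or b""
        if data.startswith(b"%PDF-"):  # trust the magic bytes, not the file name
            links += pdf_links(data)
    lure = bool(LURE.search(text))
    return {"lure": lure, "pdf_links": links, "flag": lure and bool(links)}

def build_sample(with_pdf: bool = True) -> bytes:
    """Constructed sample message; every value here is made up."""
    pdf = (b"%PDF-1.4\n1 0 obj\n<< /Type /Annot /Subtype /Link "
           b"/A << /S /URI /URI (https://chat.example.invalid/track) >> >>\n"
           b"endobj\n%%EOF\n")
    m = EmailMessage()
    m["From"] = "courier@example.invalid"
    m["To"] = "user@example.invalid"
    m["Subject"] = "Problem with your delivery"
    m.set_content("We could not deliver your parcel. See the attached file.")
    if with_pdf:
        m.add_attachment(pdf, maintype="application", subtype="pdf",
                         filename="instructions.pdf")
    return m.as_bytes()

if __name__ == "__main__":
    print(triage(build_sample()))
```

Links inside compressed PDF object streams are not seen by this byte-level scan, so a production filter would hand the attachment to a full PDF parser before extracting links.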