Jump to content
Sign in to follow this  

I hear that "personalised" phishing is being sent out.

Recommended Posts

Yes, this is effectively UK automated spear malware. It's not technically phishing (as defined by PhishTank at least) since it's not attempting to obtain credentials. As the expert on that story says it's probably getting the correlation between email address and postal address from a website data breach.

419 frauds aren't designed to look convincing. Phishing and malware is. Also note that the ransomware business model seems to be working well for some scammers who have access to a fair amount of technical know-how as endpoint antivirus is frequently too slow to catch their latest VBA or WScript downloaders.

Action Fraud also incorrectly describe this attack as "Phishing" at http://www.actionfraud.police.uk/news/alert-fake-debt-collection-and-council-tax-emails-apr16.

BTW another news story, this time in the US and highlighted by https://www.us-cert.gov/: https://www.irs.gov/uac/Newsroom/IRS-Warns-Washington-DC-Maryland-Virginia-Residents-of-New-Phishing-Scam-Targeting-National-Capital-Area No information what was involved in the data breach.

Edited by Cedders

Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this