Jump to content

I hear that "personalised" phishing is being sent out.


Recommended Posts

Yes, this is effectively UK automated spear malware. It's not technically phishing (as defined by PhishTank at least) since it's not attempting to obtain credentials. As the expert on that story says it's probably getting the correlation between email address and postal address from a website data breach.

419 frauds aren't designed to look convincing. Phishing and malware is. Also note that the ransomware business model seems to be working well for some scammers who have access to a fair amount of technical know-how as endpoint antivirus is frequently too slow to catch their latest VBA or WScript downloaders.

Action Fraud also incorrectly describe this attack as "Phishing" at http://www.actionfraud.police.uk/news/alert-fake-debt-collection-and-council-tax-emails-apr16.

BTW another news story, this time in the US and highlighted by https://www.us-cert.gov/: https://www.irs.gov/uac/Newsroom/IRS-Warns-Washington-DC-Maryland-Virginia-Residents-of-New-Phishing-Scam-Targeting-National-Capital-Area No information what was involved in the data breach.

Link to comment
Share on other sites


This topic is now archived and is closed to further replies.

  • Create New...