- This video doorbell camera has just as many features are my Ring - and no subscription required
- LG is giving away free 27-inch gaming monitors, but this is the last day to grab one
- I tested this Eufy security camera and can't go back to grainy night vision
- I replaced my iPhone with a premium dumbphone - here's my verdict after a month
- Build your toolkit with the 10 DIY gadgets every dad should have
Countdown Clock Puts Pressure on Phishing Targets
Security researchers are warning of a new phishing campaign which tries to hurry users into making poor decisions by presenting them with a countdown clock.
Cofense recently spotted the credential harvesting campaign, which arrives in the form of an alert email about a non-existent ‘suspicious login’ to their account.
Purporting to come from a fake security company called ‘DNS Online Security,’ the message requests that the user verify their email or risk being locked out/deactivated.
The phishing page the user is then taken to is designed to socially engineer them into rushing to enter their details, by listing various email addresses from the same company that it says are currently being ‘deleted.’
“The page runs in a loop with randomly generated names assigned to the domain based off the target company’s domain. Sharing some similarities with ransomware, the target company is faced with a countdown timer and the choice of stopping the deletion of potentially company-wide email access or entering their credentials,” wrote Cofense.
“The timer also shares ransomware-type panic creation all designed to push the recipient into entering their credentials without second guessing. These details aren’t deleted and are merely randomly generated as part of the scare tactic. Much the same as a ransomware ‘timer’ for permanent file deletion should the ransom not be paid.”
If the victim provides their credentials, those details are sent to a remote command and control (C&C) server. In some cases, they will be redirected to an ‘account validation’ page, before finally landing at the homepage of the targeted organization.
The campaign highlights the continued innovation and sharing of tactics that occurs on the cybercrime underground, in this case borrowing social engineering techniques from ransomware actors.
Phishing remains the number one threat vector for cyber-criminals. In Q1 2022, detected volumes reached a record high, according to the Anti Phishing Working Group (APWG).
