- Herencia, propósito y creatividad confluyen sobre un manto tecnológico en los irrepetibles UMusic Hotels
- OpenAI, SoftBank, Oracle lead $500B Project Stargate to ramp up AI infra in the US
- 오픈AI, 700조원 규모 'AI 데이터센터' 프로젝트 착수··· 소프트뱅크·오라클 참여
- From Election Day to Inauguration: How Cybersecurity Safeguards Democracy | McAfee Blog
- The end of digital transformation, the rise of AI transformation
Black Friday: Scammers Exploit Luxury Brands to Lure Victims
involving the spoofing of luxury brands, including Louis Vuitton, Rolex, and Ray-Ban.
The hackers craft enticing emails promising heavy discounts on these luxury products, with the email addresses manipulated to mimic the authenticity of the brands.
Despite the appearance of legitimacy, a closer look reveals that the email origins have no connection to the actual luxury companies, CPR noted.
Once the links within these emails are clicked, victims are led to websites meticulously designed to replicate the official sites of the targeted brands. These fraudulent sites peddle luxury goods at unbelievably discounted prices.
Check Point said that the real danger in the malicious intent behind these sites lies with the fact that they prompt the user to input their account details. This sensitive information then becomes vulnerable to theft by the attackers.
Delivery Sector Continues Leveraged by Cybercriminals
Ahead of the busy online shopping season, CPR also noted how cybercriminals are manipulating the delivery and shipping sectors.
In October 2023, there was a staggering 13% increase in the number of malicious files associated with orders and delivery/shipping compared to October 2022.
Recently, CPR found a campaign of Agent Tesla malware with Archive files delivered as attachments to emails using subjects related to orders and shipments, such as – po-######.gz / shipping documents.gz, luring the victim to download the malicious file.
Be Wary of Phishing Websites
CPR also highlighted examples of phishing websites, which have similar registered information and look similar to each other – offering well-known shoe brands at ridiculous prices.
Cybercriminals have invested significant effort in crafting deceptive websites that closely mimic authentic platforms, CPR noted.
This strategy aims to trick end-users into willingly providing their credentials. URL phishing serves as a pretext for executing credential harvesting attacks, and when executed effectively, it can result in the theft of usernames, passwords, credit card details, and other sensitive personal information.
Particularly, successful instances often prompt users to log in to their email or bank accounts.
