Akamai Security Research has posted a blog detailing their analysis of a WordPress-focused, Paypal-themed phishing kit seen in the wild. What’s unique about this kit is how thoroughly it attempts to steal a victim’s identity, including credit card information, PIN numbers, SSNs, email credentials, answers to common verification questions, and even selfies and pictures of government documents. Researchers note how the kit tries to establish legitimacy through social engineering, by putting a “security feature” like a captcha at the beginning and slowly escalating the types of information it asks for so the victim can “verify” their account after unusual activity. The threat actor behind this kit seems to be targeting unsecure WordPress sites in order to drop this payload. Read more at Akamai Security Research.
H2Oex: In Person 1 day event/exercise. Thurs Dec 5th. Washington DC. Join us!