Agency in UK warns about phishing campaigns

Updated at: Oct 01, 2019
By Gatefy

Agency warns about phishing campaigns

“The NCSC is investigating a large-scale phishing campaign affecting sectors including transport, engineering and defence”. This is how one of the recent NCSC (U.K.’s National Cyber Security Center) advisory begins.

The NCSC also says in the document that it doesn’t know the origin of the attacks, but that the techniques used suggest a coordinated and structured criminal activity.

Potential victims have received emails from people they know, from their supply chain. These people have had their accounts compromised, which lures the victims because the fraud seems legitimate.

In the scam, fraudsters ask recipients to click on URLs or open PDF files in the email. The links contain clones of login pages of services such as Apple and Office365, another technique that gives even more legitimacy to the fraud.

Here you can see some samples of the malicious links

• hxxps://consejo.unam.mx/includes/Office365-K/Microsoftdocs/
• hxxps://pkgdonation.com/
• hxxp://gok.lapszenizne.pl/media/Office365-K/Microsoftdocs/
• hxxps://bit.ly/2HcLEe1/
• hxxps://hdl.handle.net/11346/Capital
• hxxp://hdl.handle.net/11346/Completed
• hxxps://drive.google.com/file/d/1QVEkE6lizP9Vs3teL0Mn1yD0Wfj6YLCq/view?usp=sharing
• hxxp://hdl.handle.net/11346/Follow-Up-A36K
• hxxp://hdl.handle.net/11346/IYM5
• hxxps://www.watchdog.org.nz/rssb-bidding/Files
• hxxps://ofhsiaterldmns.ga/drive/Speedx/Speed/
• hxxp://investment.tn/property
• hxxps://imrmedical.net/12/12/pass.php
• hxxps://imrhealthjobs.com/veriffy/c3e2abd83662636155fd30f4aa71403e/
• hxxps://imrhealthjobs.com/umped/2b7d76425a660b781846077a643a1cf4/

Always be alert

Therefore, we reinforce our advice to always be suspicious of emails that contain links and attachments, and of messages that treat the subject as urgent. It is important to keep in mind that we are all potential victims of attacks and need to be alert.

The fact that the criminals are using compromised accounts increases the chances of their success. In these specific cases, as the NCSC points out, it is fundamental to:

• Check the way the email was written;

• Verify the address of the URLs that the browser shows;

• Contact the sender in case of mistrust.

Another important tip is to beware of logins and passwords. Using strong passwords and varying them may help a lot in situations like this. Sometimes criminals only need one password to have unrestricted access.

Access the NCSC advisory

Click here or over the image.