Phishing attacks are continuing to plague millions of users
around the world. RSA FraudAction claims that more than 120 new phishing
messages were created and sent out each hour on average in 2016. Large numbers
of Americans were the target recipients of at least 60% of these phishing
messages, though also 60% of these originated from various American states,
cities and towns. Almost all phishing messages use fraud websites to carry out
credit card fraud, identity theft and other online scams.
How Are Fraud Websites Used for Phishing Attacks?
Phishing attacks are mainly designed to trick users into
unknowingly giving away their personal information, sensitive details and
financial account credentials. Some even try to fool unsuspecting users into
uploading scanned versions of their identity documents. To convince more users
to do what they want, they use fraud websites that look exactly like the
official relevant sites their intended victims use on a regular basis.
These fraud websites are linked from the phishing messages
that are sent out by scammers and organized crime syndicates to their intended
recipients. Some of them integrate malicious code into these fake sites, which
enables it to automatically download and install spyware items into the user's device
without permission. These malware programs are injected with auto activation
code, which allows it to run and covertly log the user's inputs in the
compromised device. These inputs are then logged, stolen and transmitted to
designated Web servers that are operated by the authors of the rogue sites.
Phishing messages are also laced with fake urgency claims.
These are designed to compel intended victims to click the links and be taken to fraud websites. For example, a lot of phishing messages falsely claim that
users need to log into their online banking portal to update their personal
details, financial information and account credentials, in order to block
possible security breaches that have been supposedly reported by many other
users.
Found below are some of the newest phishing attacks that use
fraud websites to victimize a lot of unsuspecting American users. This can help
you quickly recognize similar phishing messages and steer clear from clicking
links that point to similar fake sites:
Newest Phishing Attacks Against American Users This Year
1. WhatsApp Phishing Attack - Designed to victimize
WhatsApp users in the USA, these messages are integrated with links that point
to fraud websites. Users are told that they can get free Wi-Fi Internet connectivity
without requiring a wireless network. However technically impossible this might
sound, a lot of non-tech savvy users were tricked into believing this fake
claim.
They were told to forward the same message to at least 14 of
their WhatsApp contacts. Afterwards, they were told to click links that point
to fraud websites with instructions on how to get this bogus offer. Once they
were taken to these fake sites, they were asked to do many things, all of which
are designed to line the pockets of the authors of this phishing attacks
through affiliate commissions. Once they completed everything, no instructions
were displayed. Although they didn't lose any money and also didn't have their
private details stolen, they wasted a lot of time doing the things that they
were told to do in those rogue sites.
2. Netflix Phishing Attack - This was primarily designed
to steal the personal details and financial information of Netflix users in the
USA. Victims received messages from spoofed email addresses, claiming that they
need to log into their Netflix accounts to update their account credentials and
payment information. This is supposedly to prevent further security breaches in
their accounts, as allegedly reported by other Netflix users. Links in these
messages take them to fraud websites, which is designed to look exactly like
the official Netflix video content repository. Once they entered their login
credentials, personal details and financial information in these bogus sites,
these were logged, stolen and used by the authors of this phishing attack for
their other illegal activities online and offline.
Watch out for these phishing scams and fraud websites. Sign
up at Big Scammers to conveniently receive instant alerts and notifications
about the latest variants of these Web crimes and online scams. This can help
you quickly recognize potential scams and safely steer clear from similar Web
crimes.