Cyber Security News reported:
The attack begins with deceptive “New Voice Notification” emails that appear to come from legitimate voicemail services. These emails contain spoofed sender information and feature prominent “Listen to Voicemail” buttons that redirect victims through a complex chain of compromised websites.
After clicking the malicious link, victims are redirected to a CAPTCHA page hosted on horkyrown[.]com, a domain registered in Pakistan.
The final stage presents users with a pixel-perfect replica of Gmail’s login page, complete with Google branding and authentic-looking interface elements.
The fake login form captures both primary credentials and advanced security measures, including two-factor authentication codes, backup codes, and security questions.
Takeaway: Avoid clicking links for voicemail. Access your company provided voicemail for legitimate messages.
After clicking the malicious link, victims are redirected to a CAPTCHA page hosted on horkyrown[.]com, a domain registered in Pakistan.
The final stage presents users with a pixel-perfect replica of Gmail’s login page, complete with Google branding and authentic-looking interface elements.
The fake login form captures both primary credentials and advanced security measures, including two-factor authentication codes, backup codes, and security questions.
Takeaway: Avoid clicking links for voicemail. Access your company provided voicemail for legitimate messages.
Find the original article here.
Enroll in Training Sessions: Last Thursday of Every Month is Training on Frauds and New Scam Alerts and How to Combat
Enroll in Training Sessions: Last Thursday of Every Month is Training on Frauds and New Scam Alerts and How to Combat