Phishing attack by “WeTransfer” that will steal hundreds of data • ENTER.CO

The Phishing attacks They are the most famous in terms of internet thefts. It’s a link they send you (generally) that, when opened, steals your data, both from your cell phone and from your computer, even from websites. Marcos Bestero, CEO of ACEDIS Training by Twitter commented new trap pirates.

Today, a complex scam/phishing/data theft attempt. We have received this email: pic.twitter.com/dY7j9J6gOh

– Marcos Bestero 👧🏻👶🏻 (MarcosBL) April 8, 2022

According to Bestero, he received an email informing him that he had received three files. According to the email, the sender of the message was WeTransfer, but in reality, this was a trap that makes it clear that the shipment was made from the file transfer service. To do this, hackers put the recipient’s email address in the body of the email.

The trap was discovered by colleagues from Besteiro who were experts on the subject and alerted him to what was going on. All thanks to the fact that they did not expect the files through WeTransfer, when they hovered their mouse over the URL, they noticed that it did not start as “https://wetransfer.com” causing them to distrust until they discovered the trap.

It may interest you: Five security holes that open the way to cyber attacks

Besteiro adds that, investigating, they realized the Hover effect, which consists in changing the appearance of an item, in this case, the entire email. After the disguised link they find that it is a malicious script that collects this email to see where the link clicked, thus eliminating the user and keeping the domain.

but how? The script opens an “iframe” with your company domain, so it looks like you’re on your company’s website. In this iframe they put the login window so that if you click on the thought that you are entering your page, the virus immediately takes the username and password.

Like this, there are hundreds of scams that are carried out over the internet, text messages, WhatsApp, social networks, etc. It is essential that you are sure of the information you receive and the links you will enter so that you do not fall into cyber attacks.

Photo: ENTER.CO