I received a legitimate looking email BUT….
Scammers have prepared a fake DocuSign login page that requests their credentials (email address and password) that if entered allow the criminal controllers to attempt and use them for additional services. The dangerous fact about the scam is that it allows the users to use other services to login:
§ Microsoft
§ Yahoo
While the scam seems to primarily attempt to harvest user data it can have some very dangerous consequences. Apart from the hackers having access to a primary account credential. This information can then be used by the hackers to attempt and intrude into other accounts owned by the users.
A dangerous practice is the continued display of instructions to the victims. The hacker can lure them into downloading viruses of all kinds: Trojans, ransomware, worms and etc. A dangerous tactic is when the site loads scripts or plugins to the affected browsers. A possible case scenario is the introduction of cryptocurrency miners to the victim hosts — they use the available system resources in order to carry out complex mathematical calculations. The results are reported to a server and as a reward money is transferred to the criminal operators in the form of digital currency assets.
Comments