Consumers of Brand-name Companies Targeted in Phishing Attacks, FBI Alerts

On Monday, a joint advisory issued by the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) advised organizations to take proactive actions in order to protect themselves against ransomware attacks during the upcoming holiday season.

Yesterday, the Federal Bureau of Investigation (FBI) issued a new warning to alert the public of recent spear-phishing email operations aimed at customers of brand-name companies via their online User IDs and associated email accounts. These attacks are also known as brand-phishing.

This warning was issued as a public service announcement (PSA) via the bureau’s Internet Crime Complaint Center platform, in collaboration with the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA).

How Does It Work?

The potential victims are directed to phishing landing pages through methods such as spam emails, SMS, or mobile and web applications that may spoof the identity or the email address of an organization’s legitimate website.

The scammers may then include login types or malware into their phishing webpages with the intention of accessing and stealing their targets’ login information, credit card details, or other types of personally identifiable information (PII).

Moreover, cybercriminals are probably creating software to trick potential victims into disclosing information in order

Read More: