1030x360-Phishing
HOT
PUBLISHED BY ANA DASCALESCU QUICK READ

Security Alert: Danish E-Shoppers Targeted by Another Wave of Nets.eu Phishing Campaign

Yet another phishing campaign poses as a reputable payments processor Nets.eu

In the world of online security, two things are clear: phishing remains a top threat, especially against online shoppers, and the cleverest attacks still target payment processors and financial companies. 

This week we observed a new Nets.eu phishing campaign, designed to piggyback off the popularity of this major company that provides the acquiring agreements for merchants to accept online payments. 

Instead of sending off compromised emails with phishing links that seem to appear from online stores or banks, malicious actors now move deeper in the payments processing link in the hopes of tricking users to willingly give up their login credentials. 

Nets, one of the biggest payments processors in Europe, has constantly seen its name hijacked and used in phishing scams. Just how big the scope of the issue is? 

So far, out of the tremendous number of compromised domains blocked by Thor Foresight, our researchers have observed 1535 domains containing variations on the name “Nets”, a lot of them with .dk or .de extensions to lend “legitimacy” to the URLs.  

The way this phishing attack is structured, it can fool even educated internet users.  

First off is the original malicious email, which alerts the receiver that Nets recorded a suspicious payment made outside of Denmark. It also prompts the receiver to take action to cancel a transaction and get a refund. 

To add even more legitimacy to the scam, the email even includes a CVR number, the unique identifier for any business registered in Denmark’s Central Business Register. However, a quick eye might notice bits of broken HTML code preceding that CVR number. 

Once clicked, the user is taken to “netsbeskytte.life/index.html” (a website quickly taken down once the email was flagged as spam) and asked to input their credentials. This page is the same whether visiting HTTP or https, which can prompt some browsers to disregard its malicious nature. 

Because it looks like a private portal hosted by a financial company, users don’t expect the URL to look particularly user-friendly, so they would go along with inputting their personal information in the fields.  

On Chrome and Firefox, the browser makes it clear that the user should proceed no further.  

On Internet Explorer, however, there is absolutely no alarm drawn over the lack of a security certificate or the potentially dangerous URL.  

This is doubly problematic since a lot of Outlook users leave Internet Explorer as a primary browser. 

As phishing continues to grow at an exponential rate, we urge online shoppers (and everyone else!) to exercise double caution in clicking any link received via email. If that link redirects to a page that demands your login, open a separate browser, Google search the service in question and perform the operation from the legitimate website.  

As an extra rule of thumb, be extra suspicious of any email that comes from a bank, a payment processor or an online store, especially if it tries to warn you of fraudulent payment.  

Because attacks like this one come and go with incredible speed, with malicious websites being taken down and reuploaded on a different address as soon as a security researcher discover them, it’s important that users know how to prevent phishing. 

We put together these 4 resources to learn to protect yourself from phishing and other online attacks designed to obtain your sensitive information: 

*This article features cyber intelligence provided by CSIS Security Group researchers.

thor enterprise best anti-malware solution 2018 computing security awards
HOT
PUBLISHED BY ANA DASCALESCU QUICK READ

Thor Enterprise Is Now Best Anti-Malware Solution of the Year

We did it. You did it! The winners at the Computing Security Awards 2018
2018 in cybersecurity
HOT
PUBLISHED BY ANA DASCALESCU SLOW READ

2018 in Cybersecurity Review: What Happened and What the Future Brings (Part 1)

Step into a new year with the essential insights for your security
POLL OF THE WEEK
Software updates – how often do you apply them?
Internet Safety for Kids
RECENT
PUBLISHED BY IOANA RIJNETU 2019.02.12

How to Keep Your Kids Safe on the Internet (10 Actionable Tips)

Or what you can do right now to protect your kids (and family) when navigating online.

These 10 actionable tips will improve Internet safety for your kids and we recommend you follow them right now.

Safer Internet Day 2019 is an international event happening on the 5th of February and is aimed at raising awareness on online safety by promoting safer and positive use of technology for children.

Our team encourages students within their education competitions
RECENT
PUBLISHED BY IOANA RIJNETU 2019.01.28

Heimdal Security Supports the ROC Leeuwenborgh Capture the Flag (CTF) Challenge

We think security education has to be hands-on
50+ Amazing Internet Security Blogs
RECENT
PUBLISHED BY IOANA RIJNETU 2019.01.11

Here are The Internet Security Blogs You Should Follow Today [Updated 2019]

If you want to improve your online safety or gain more cyber security knowledge