« previous next »
Pages: [1]

Author Topic: Verizon Customers Targeted in Mobile-Focused Phishing Campaigns  (Read 100 times)

Offline javajolt

  • Administrator
  • Hero Member
  • *****
  • Posts: 35171
  • Gender: Male
  • I Do Windows
    • windows10newsinfo.com
Verizon Customers Targeted in Mobile-Focused Phishing Campaigns
« on: April 03, 2019, 11:22:02 AM »
Phishing campaigns, some launched as recently as March, aimed at stealing credentials from Verizon mobile customers by spoofing the company's support service.

Being mobile-focused and using an identifier for an official service from Verizon is what prompted researchers to categorize it as sophisticated above average.

The link delivering the phishing kit includes the abbreviation 'ecrm,' which Verizon uses as a sub-domain - ecrm.verizonwireless[.]com - for its Electronic Customer Relationship Management platform.

Researchers at Lookout mobile security company noticed one such attack in late November 2018; another one occurred in February this year and the activity intensified in March when three waves were recorded in two consecutive days.

All domains hosting the phishing kit included the 'ecrm' identifier and the Verizon name:

   
Quote
   • 2018-11-28ecrmverizon.com

   • 2019-02-02ecrmverizonwireless.com

   • 2019-03-19ecrmemail-verizonwirelesss.com

   • 2019-03-19ecrmemail-verizonwirelesss.info

   • 2019-03-20ecrmemail-verizonwirelesss.net

Loaded on the desktop, the phishing page looks suspicious, but on mobile devices, it renders as if it were genuine and could easily fool the receiver into sending the attacker the login credentials (phone number or user ID, and password) for the Verizon account.



"This kit targeted Verizon customers through malicious links masquerading as Verizon Customer Support. This shows that the attackers did their research," writes Jeremy Richards, a principal security researcher at Lookout.

Richard goes on to say that the campaign indicates that the attacker did their homework and know details about Verizon's infrastructure.

The list of domains used for phishing against Verizon customers is quite large, comprising over 50 domains that were registered in the past three months.



Verizon customers are constantly targeted by phishing campaigns and the company is perfectly aware of this. A page is available with variations of the fraud attempts to warn users to be on guard.

Customers of AT&T have also been targeted in a phishing campaign that was active on Monday. Microsoft researchers found it via Windows Defender Advanced Threat Protection platform.

The malicious email delivered a document informing the potential victim of a change in their list of scheduled payments. A link at the end of the message directed them to a phishing page "typically hosted



source
Logged

Pages: [1]
« previous next »