A malicious phishing scam has been discovered by threat researchers from Bolster.ai, where threat actors have been impersonating more than 100 apparel, clothing, and footwear brands. This includes popular brands such as Nike, New Balance, and Vans, as well as Doc Martens, Miu Miu, Converse, and Etsy, with the intention of stealing account credentials and financial information from their customers. The campaign has been active since June 2022 and has seen the addition of around 300 new fraudulent sites on a monthly basis between November 2022 and February 2023.
These phishing attacks are not new, and they are continuing to evolve in complexity and effectiveness. This year, attackers have shifted their tactics to target users with more sophistication and precision. They utilize various methods such as social engineering, spoofing, and impersonation to improve their chances of success. In this particular phishing scam, the attackers followed a simple naming convention by combining the brand name with a city or country, followed by a generic top-level domain such as .com.
The threat actors behind this phishing scam are not only sophisticated in their approach but are also taking advantage of old domain names. Bolster.ai researchers found that many of the domains used in this campaign were old, some even two years old. This strategy helped boost the success of this scam since older domain names are less likely to be flagged by security tools as being malicious. Additionally, old domains help give a boost to global malvertising campaigns because they have time to be indexed by Google and tend to rank higher in search terms, making them more credible to unsuspecting users.
Notably, these fraudulent domains were traced back to Autonomous System number AS48950, which refers to IP prefixes run by network operators. Furthermore, the domains’ IP addresses are hosted by Packet Exchange Limited and Global Colocation Limited, both known for fraud risk, according to Bolster.ai. Companies can take action to mitigate these risks by training employees to be aware of the signs of impersonation attempts and phishing scams, using cybersecurity software to block attempts, and even using artificial intelligence (AI) to automate these processes.
The scams are a cause of concern for both customers and businesses alike. For customers, falling victim to such scams can have serious repercussions, including financial loss, identity theft, and data breaches. Meanwhile, for businesses that are impersonated, their reputation and brand image can be tarnished, leading to a loss of customers. Therefore, businesses need to invest in cybersecurity measures that can prevent such scams from occurring in the first place.
In conclusion, phishing scams remain a significant threat to individuals and businesses alike. With attackers constantly changing their tactics and becoming even more sophisticated, it has become critical to stay vigilant and maintain up-to-date security measures. By adopting a proactive approach to protecting themselves and their customers, businesses can avoid the consequences of these malicious phishing scams.