In a new phishing tactic that has recently come to light, scammers are now using PDF documents as part of a campaign to deceive unsuspecting victims into revealing personal information and credit card details by posing as Amazon Prime. Researchers at Palo Alto Networks Unit42 have identified this fraudulent scheme, which involves sending emails to users with PDF attachments that redirect them to fake Amazon pages where they are prompted to input sensitive data.
According to the researchers, a total of 31 PDF files containing links to these phishing sites have been uncovered, none of which were previously reported to VirusTotal for analysis. The process begins with the victim clicking on the PDF link in the email, which then redirects them to phishing websites hosted on subdomains of duckdns[.]org. These websites utilize cloaking techniques to avoid detection and appear benign to scanners and other security measures.
The phishing websites linked to the PDF attachments aim to mimic legitimate Amazon pages, urging users to provide personal information and credit card details under false pretenses. Despite the deceptive tactics used by scammers, cybersecurity experts emphasize the importance of remaining vigilant and cautious when interacting with emails and attachments.
Javvad Malik, lead security awareness advocate at KnowBe4, underscored the significance of educating individuals on recognizing and reporting suspicious activity in emails. He stressed that emails continue to be a primary target for phishing attacks and emphasized the need for the public to equip themselves with the necessary knowledge and tools to combat these threats effectively.
The campaign employs four initial links that potential victims should be cautious of, which include:
– hxxps[:]//redirjhmxnasmdhuewfmkxchbnvjxfasdfasd.duckdns[.]org/XOZLaMh
– hxxps[:]//redixajcdkashdufzxcsfgfasd.duckdns[.]org/CCq8SKn
– hxxps[:]//zmehiasdhg7uw.redirectme[.]net/xn28lGa
– hxxps[:]//rediahxjasdusgasdzxcsdefwgasdgasdasdzxdz.duckdns[.]org/agungggg1298w862847
As cyber threats continue to evolve and adapt, it is crucial for individuals to stay informed and cautious to protect themselves from falling victim to scams and fraudulent schemes. By remaining vigilant and practicing safe online habits, users can reduce their susceptibility to phishing attacks and safeguard their personal information.