There is an extensive list of TTPs (Tools, Techniques, Procedures) that attackers can use to conduct cybercrimes, but it boils down to only four fundamental motives.
- Fun
- Money
- Information Theft
- Extortion
Yes, and it all started with fun; remember old school viruses and worms like Blaster, Sasser, and Slammer. All created for fun; no other motives were involved.
The money motive in the recent Twitter breach involving Bitcoin transfer scams received much media attention. As part of this breach, Twitter accounts of various celebrities were compromised to perform Bitcoin scams. You can read more about it here.
Bitcoin transfer scams are not a new concept. SlashNext’s Threat Lab sees dozens of Bitcoin phishing sites each day that use celebrity photos and names to conduct similar cryptocurrency scams. Cybercriminals prefer stealing cryptocurrency because it can be used for nefarious purposes on the Darkweb, leaving no trail behind.
Here are a few examples of Bitcoin scams we have seen recently; the theme is the same. A celebrity promises to give away bitcoins, only if you initiate a smaller transfer first—an easy way to make money.
The typical legacy technologies that rely on domain reputation and signatures are unable to spot these types of attacks. Below is one such example.
These Bitcoins scams are just the tip of an iceberg. Phishing payloads that traditionally used fake login have morphed into dozens of different payloads, including money transfer scams, scareware, rogueware, credit card fraud, gift scams, man-in-the-middle attacks, just to name a few. Making the situation worst, the infection vectors are no longer limited to just email but mobile, ads, search engines, messaging apps, etc.
We are living in a multi-vector phishing landscape, and counter to that is multi-vector phishing protection.
SlashNext is the phishing authority and leading the fight to protect the world’s internet users from phishing anywhere. SlashNext end-to-end phishing protection services utilize our patented SEER technology to detect zero-hour phishing threats by performing dynamic run-time analysis on billions of URLs a day through virtual browsers and machine learning. Take advantage of SlashNext’s services using mobile apps, browser extensions, and APIs that integrate with leading mobile endpoint management and IR tools. Contact us today for a live request a demo.