68k Phishing Victims are Now Searchable in Have I Been Pwned, Courtesy of CERT Poland : Troy Hunt

by: Troy Hunt

Last week I was contacted by CERT Poland. They'd observed a phishing campaign that had collected 68k credentials from unsuspecting victims and asked if HIBP may be used to help alert these individuals to their exposure. The campaign began with a typical email requesting more information:

In this case, the email contained a fake purchase order attachment which requested login credentials that were then posted back to infrastructure controlled by the attacker:

All in all, CERT Poland identified 202 other phishing campaigns using the same infrastructure which has subsequently been taken offline. Data accumulated by the malicious activity spanned from October 2022 until just last week.

The advice to impacted individuals is as follows:

  1. Get a digital password manager to help you make all passwords strong and unique
  2. If you've been reusing passwords, change them to strong and unique versions now, starting with the most important services you use
  3. Turn on multi-factor authentication wherever it's available, especially for important accounts such as email, social media and banking
  4. Never open attachments or follow links unless you're confident in the trustworthiness of their origin and if in doubt, delete the email

August 31, 2023 at 11:29AM
