The spotlight turned towards a worldwide phishing campaign when an incident unfolded involving an Imperva staff member who was singled out and almost ensnared by a social engineering assault.
Imperva, situated in San Mateo, California, operates as a cybersecurity company. It specializes in offering protective solutions for corporate data and application software, ensuring that businesses are shielded from potential threats.
It all began when he (an Imperva staff member) tried to sell a car seat on Yad2, a website for used items. Someone interested in buying messaged him on WhatsApp and introduced a fake payment service, using Yad2’s look, and sent a link (hxxps://yad2[.]send-u[.]online/4765567942451).
The fake site had the Yad2 logo and an orange button to get paid.
Subsequently, the target was led to a payment page, which then transmitted the credit card information to the fraudsters. The website also featured a customer support chat feature that enabled the individual to communicate with Yad2.
Subsequently, the target was led to a payment page, which then transmitted the credit card information to the fraudsters. The website also featured a customer support chat feature that enabled the individual to communicate with Yad2.
This expansive operation encompassed over 800 distinct fraudulent domains, taking on the guise of approximately 340 reputable global enterprises. Among these were prominent financial institutions, postal and courier services, and social media and e-commerce platforms.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: