Notice that the link points users to a vulnerable WordPress site that contains a credential phishing landing page. When clicked, it takes them to the below OneDrive screenshot prompting them to enter their personal information. ![]() When the folder in the above image is clicked on, it redirects to the screenshot shown below.Ī warning saying “Hmm… looks like this file doesn’t have a preview we can show you” baits the visitor into clicking on the Open button. Remember: governments do not generally email the masses, sending unrequested documents, so a user could verify by examining the sender email address and location in the email headers and could visit the legitimate government site to see if there is COVID-19 information there instead. Scammers pretend to be from government offices and deliver documents that contain the latest live questionnaire regarding COVID-19. ![]() As the screenshot below illustrates, the goal is to steal the user’s OneDrive credentials. Nefarious Groups Attempt to Harvest Users’ Credentialsīelow we will take you through three examples of this kind of attack, coming from a government organization, consulting firm and a charitable organization hosted in OneDrive to make them appear more genuine to users. We would like to educate McAfee users and the public about the potential risks with these scams. ![]() They will pretend to be emailing from government, consulting, or charitable organizations to steal victim’s OneDrive details. OneDrive scammers will steal sensitive account information like usernames and passwords. There are number of ways scammers use to target personal information and, currently, one example is, they are taking advantage of the fear around the virus pandemic, sending phishing and scam emails to Microsoft OneDrive users, trying to profit from Coronavirus/COVID-19.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |