- Netskope researchers discover a new phishing campaign
- The team says the campaign began in mid-2024 and has affected “thousands”
- Victims are promised important PDF documents in exchange for credit card data
A new phishing campaign has been discovered that tries to trick unsuspecting people into handing their personal information and payment data to cybercriminals.
Netskope’s cybersecurity researchers detailed their findings, pointing out that the campaign mainly targets people searching for PDF files online, whether books, documents, graphics or similar files. The criminals would host a fake PDF file on the Webflow content delivery network (CDN), which victims could find through search engines.
The PDF file would display an image that mimics a CAPTCHA but is in fact just a link to a phishing page. That page, in turn, hosts a real Cloudflare CAPTCHA. Having a CAPTCHA on a phishing page serves two purposes: the first is to lend legitimacy to the fraud, and the second is to better evade web security protections.
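As an added triage example (not code from Netskope or from this article), the Python heuristic below flags PDFs shaped like the lure described above: an image plus a link annotation carrying an external URI, with no text drawn on the page. The sample bytes and the `phish.example` URL are constructed, and the regex-based parsing is a simplifying assumption that does not cover every PDF encoding.

```python
import re
import zlib

URI_RE = re.compile(rb"/URI\s*\((.*?)\)", re.S)            # URI action targets
STREAM_RE = re.compile(rb"(?<!end)stream\r?\n(.*?)endstream", re.S)
TEXT_OP_RE = re.compile(rb"\bT[jJ]\b")                      # text-showing operators

def inflate_streams(pdf: bytes) -> list:
    """Inflate every stream that is valid zlib data; skip the rest (e.g. JPEG)."""
    out = []
    for m in STREAM_RE.finditer(pdf):
        try:
            # decompressobj ignores the newline left before 'endstream'
            out.append(zlib.decompressobj().decompress(m.group(1)))
        except zlib.error:
            pass
    return out

def triage(pdf: bytes) -> dict:
    inflated = inflate_streams(pdf)
    everything = b"\n".join([pdf] + inflated)   # also covers compressed objects
    uris = sorted({u.decode("latin-1") for u in URI_RE.findall(everything)})
    has_image = re.search(rb"/Subtype\s*/Image", everything) is not None
    has_link = re.search(rb"/Subtype\s*/Link", everything) is not None
    # Count text operators only in inflated content, never in raw binary.
    text_ops = sum(len(TEXT_OP_RE.findall(s)) for s in inflated)
    lure = has_image and has_link and bool(uris) and text_ops == 0
    return {"uris": uris, "text_ops": text_ops, "image_only_lure": lure}

def sample(content: bytes) -> bytes:
    """Constructed PDF fragment (not from the campaign): image + link annotation."""
    body = zlib.compress(content)
    return (b"%PDF-1.7\n"
            b"1 0 obj << /Type /XObject /Subtype /Image /Width 600 /Height 200 >> endobj\n"
            b"2 0 obj << /Type /Annot /Subtype /Link /Rect [0 0 600 200]\n"
            b"  /A << /S /URI /URI (https://phish.example/verify) >> >> endobj\n"
            b"3 0 obj << /Length " + str(len(body)).encode() + b" /Filter /FlateDecode >>\n"
            b"stream\n" + body + b"\nendstream endobj\n%%EOF\n")

LURE = sample(b"q 600 0 0 200 0 0 cm /Im0 Do Q")          # page draws only an image
DOC = sample(b"BT /F1 12 Tf (Chapter 1) Tj ET /Im0 Do")   # page also draws text

if __name__ == "__main__":
    for name, pdf in (("lure", LURE), ("doc", DOC)):
        print(name, triage(pdf))
```

A hit is a reason to inspect the extracted URIs, not a verdict: scanned documents with a single legitimate link produce the same shape.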
Fake errors
Users who complete the real CAPTCHA are redirected to a page with a “download” button that, when pressed, opens a pop-up window. That pop-up asks victims to provide their personally identifiable information (PII), as well as credit card data, which is then transmitted to the attackers.
Victims who enter their credit card details receive a fake error message stating that the payment was not accepted. Those who try several times will eventually be redirected to an HTTP 500 error page.
Netskope says that the campaign has been in progress since the second half of 2024 and has since affected “hundreds” of Netskope customers and “thousands” of users. The researchers did not say what the criminals are using the stolen cards for, apart from the fact that it is for “financial fraud.” However, most of the time, crooks would use credit cards to buy advertising space for malicious campaigns, or to buy online gift cards that are difficult to track.