November 20, 2023
Severity Medium Analysis Summary Agent Tesla is a very popular spyware Trojan built for the.NET framework. Since its initial appearance in 2014, this has been deployed […]
Rewterz Threat Alert – Protecting Your Organization from Password Spraying
July 22, 2019Rewterz Threat Alert – BrushaLoader Ransomware Still Sweeping Victims
July 23, 2019Rewterz Threat Alert – Protecting Your Organization from Password Spraying
July 22, 2019Rewterz Threat Alert – BrushaLoader Ransomware Still Sweeping Victims
July 23, 2019
Severity
Medium
Analysis Summary
A new type of phishing campaign that is targeting American Express card users. In these incidents, attackers are sending a hyperlink as part of a phony account update to access the victim’s credentials and other account details.
What makes this phishing attack different is that instead of using a hyperlink to send victims to a malicious landing page, this scheme deploys an embedded “base href” URL to help hide the true intent from anti-virus and other security tools. The attackers behind this phishing campaign also sought out as many American Express users as possible and did not discriminate between corporate users or consumers. The attack targeted users four types of American Express accounts: actual credit cards, membership reward accounts, merchant accounts and American Express @Work accounts.
Impact
- Credential theft
- Exposure of sensitive information
Remediation
- Always be suspicious about emails sent by unknown senders.
- Never click on the link/ attachments sent by unknown senders.