Attackers Exploiting COVID-19 to Phish Customers of South Africa’s Third Largest Bank
NEWS: IRONSCALES researchers have identified a new email spoofing phishing attack targeting the customers of Absa Bank, South Africa’s third largest financial institution. The attack is targeting customers and other organizations with a spoofed financial relief funds application. The now-trending phishing attacks were first discovered when at least 25 employees at the same company were targeted at random times over a three-day period.
The links in the email pointed to legitimate ABSA bank webpages, however the attack included an HTML attachment that, when opened, redirected the victim to a different URL that looked like ABSA’s real online banking login page. IRONSCALES was able to detect this attack by using computer vision to visually inspect the attachment in order to detect that this was in fact a fake login page designed to harvest banking credentials.
IRONSCALES is deployed at the mailbox-level and not at the gateway, thus this COVID-19-driven email spoofing attack is the latest designed to bypass secure email gateways and authentication protocols.