Hackers are improving phishing attacks by having you chat with ‘sock puppets’
Defined Creations is the Brand, the store, and the business that is sure to have what you need or looking for or maybe that little something that peeks your interest. Take a look at our menu or enter an item is the search bar. We’re connected to a couple different affiliate companies and we earn a commission if you make a purchase. Our line was created with ‘YOU’ in mind. A Brand that’s for anyone who have or is in the process of defining who they are mentally and or physically becoming the best version of their Ideal selves. We provide hand picked Vitamins and Supplements from the Worlds Top Brands. Plus, workout and exercise essentials for the active man or woman. Complete with an electronics department for all your gaming, exercise, leisure and home improvement needs. Follow us and you just might hear something, read something, learn something or see something that changes your life…. for the good. Thank you for your Support!
CREATE YOUR LIFE
Hackers are launching more sophisticated phishing attacks. This time it’s not just posing as your IT guy sending you suspicious links through email. This new scam involves using fake ‘sock puppet’ email accounts to trick you into thinking you are part of conservation among colleagues.
Researchers at Proofpoint (opens in new tab) (via Bleeping Computer (opens in new tab)) call the technique “multi-persona impersonation,” or MPI. The technique involves looping the target into a fake email exchange between multiple scammer personas in an attempt to convince them that it’s a legitimate conversation. Once trust is gained, sometimes after engaging in “benign conversations with targets for weeks,” according to Proofpoint, the hackers deliver a malicious link.
The email exchange will be related to the target’s industry or field of research so that being included in the chain won’t necessarily seem out of the ordinary.
The group responsible is designated TA453, which Proofpoint believes works for Iran’s Islamic Revolutionary Guard Corps. The group’s tactics have evolved over time. Previously, TA453 attackers would pose as individual journalists or researchers covering Middle East policies, targeting “academics, policymakers, diplomats, journalists, and human rights workers,” says Proofpoint. They’d try to engage the targets in one-on-one conversations but started using this group email sock puppet strategy earlier this year.
One example shows an email sent to two actual US/Russia relations experts from a “Carrol” and three more personas with email accounts run by the hackers. Others include pitches for research collaboration from the “director of research” of a university. In each case, the sock puppet accounts would reply to each other in an effort to lend the conversation legitimacy.
The initial emails and fake responses usually don’t have any links, says Proofpoint. It’s generally around the fourth or fifth message where a link gets shared, then a follow-up message asking the target to read the file coming days later.
Sometimes it’s a Zoom call link, a password-protected ‘research’ file, or a straightforward article link. The link is loaded with malware that scrapes your PC for personal information and sends those details back to the attackers.
The tactic capitalizes on the victim’s FOMO, as Proofpoint puts it. The researchers point to a study that showed that people tend to “copy the actions of others,” according to a description of the “social proof” principle in Psychology Today (opens in new tab).
These hackers seem to have a specific group of targets in mind, so unless you’re a Middle East or US-Russia policy expert, you’re probably in the clear. Be cautious anyway, though: Scammers will use whatever blueprints work, so this one could spread. Another recently spotted new phishing technique (opens in new tab)uses a fake pop-up window to convincingly simulate a Steam login form.
We have collected RSS feeds from some of our favorite websites and given our customers full access! We know that you want to sit back and enjoy the post, article and gossip and you have the choice to either click here Source or continue with the article. Afterwards, feel free to search our site for related information or both!
