Scammers exploiting Christchurch incident to launch phishing attacks

Threats / Scammers exploiting Christchurch incident to launch phishing attacks

A number of opportunistic cyber criminals are exploiting the recent tragic event in Christchurch, New Zealand to raise online donations using phishing websites, to inject malware into devices by embedding them in video files, and to deface several local websites.

On the 15th of March, two mass shooting incidents at a couple of mosques in Christchurch, New Zealand resulted in the death of as many as 49 people and twenty more people suffered serious injuries. The shooting incidents resulted in a global outrage with almost every head of state and celebrity expressing anguish and solidarity with victims’ and their families.

However, in the aftermath of the shooting incident, a large number of opportunistic cyber criminals have created new fraudulent campaigns to con people out of their money or inject malware into their devices by using the tragic incident as bait.

Scammers using Christchurch incident as bait

According to New Zealand’s Computer Emergency Response Team (CERT), online scammers are sending phishing emails containing fraudulent bank accounts and fake online banking logins and are asking people to make donations in favour of victims of the Christchurch incident.

Cyber criminals are also embedding malware into video files that contain footage related to the attack and are sharing malicious video files on compromised websites or social media. People clicking on such files to view videos could have their devices taken over by harmful malware that could either be ransomware, spyware, or data-exfiltration malware.

CERT NZ also said that it received alerts about cyber criminals defacing New Zealand websites to spread political messages about the Christchurch tragedy and threatening New Zealand websites with denial-of-service attacks.

The exploitation of the Christchurch tragedy indicates that cyber criminals stop at nothing when it comes to earning money online through any means. Such being the case, people looking to contribute funds for victims of the tragedy should do so using official platforms and forums owned by governments or responsible organisations.

ALSO READ: Spam still rules as the most popular attack vector for cyber criminals

The following two tabs change content below.

Jay has been a technology reporter for almost a decade. When not writing about cybersecurity, he writes about mobile technology for the likes of Indian Express, TechRadar India and Android Headlines


Source link