Your new post is loading...
Security researchers at Sophos have warned of a new phishing campaign targeting Instagram users. And this is a phishing campaign with a devious twist. The attackers mock up what's intended to look like two-factor authentication (2FA) in an attempt to appear legitimate. But it's obviously not 2FA. It's a standard attempt to steal login credentials, to amass usernames and passwords.
The initial phishing attack emails include what looks like a 2FA code. The user is instructed to enter the code when they login to prove their identity. The premise of the attack is that there has been an unauthorized login. The login warning, the email and of course the 2FA code are completely fake—the code just a clever twist to suggest some form of security. The whole thing it spurious, but people will be tricked.
The email link takes users to a fake Instagram login page, described by Sophos as "much more believable" than many of the standard email phishing campaigns uncovered. "We don't like to admit it," the research team reports, "but the crooks thought this one through."
Learn more / En savoir plus / Mehr erfahren:
http://www.scoop.it/t/securite-pc-et-internet/?&tag=Instagram
Security researchers at Sophos have warned of a new phishing campaign targeting Instagram users. And this is a phishing campaign with a devious twist. The attackers mock up what's intended to look like two-factor authentication (2FA) in an attempt to appear legitimate. But it's obviously not 2FA. It's a standard attempt to steal login credentials, to amass usernames and passwords.
The initial phishing attack emails include what looks like a 2FA code. The user is instructed to enter the code when they login to prove their identity. The premise of the attack is that there has been an unauthorized login. The login warning, the email and of course the 2FA code are completely fake—the code just a clever twist to suggest some form of security. The whole thing it spurious, but people will be tricked.
The email link takes users to a fake Instagram login page, described by Sophos as "much more believable" than many of the standard email phishing campaigns uncovered. "We don't like to admit it," the research team reports, "but the crooks thought this one through."
Learn more / En savoir plus / Mehr erfahren:
http://www.scoop.it/t/securite-pc-et-internet/?&tag=Instagram