Advintel cybersecurity experts: Malware operators now target exposed RDP connections to gain an initial foothold and exploit CVE-2018-8453 and CVE-2019-1069.
New global DHL themedcybercrime phishing campaign, tailored on the victim’s email
New global DHL themed phishing campaign, tailored on the victim’s email address. The message is referred to a parcel just arrived in the company’s head office. But they “are unable to locate” the address for delivery. So the user is invited to open an html attachment to solve the issue.
It redirects to a fake courier’s page, in which email field has already been compiled and it’s fixed.
Victims just have to digit the password, and then they will be redirected to DHL homepage.
I’t s a trap. The goal of the cybercrime operation is just to steal and harvest credentials. The fake courier’s domain, in fact, is owned by others who don’t have any link with the real company, and there is no parcel in the head office. Beware!