Cybercriminals continue to refine their phishing campaigns as they try to convince unsuspecting targets to turn over sensitive personal information.
As the world is getting wiser to their schemes, cybercriminals are evolving — they create phony emails and websites that look almost identical to the legitimate organizations they impersonate. And according to Vade, 34% of all phishing URLs in the first half of 2022 were impersonating financial institutions.
In this week’s BlackCloak Thursday Threat Update, we take a look at a recently discovered phishing campaign targeting customers of a popular credit card company, as well as a ransomware attack centered on a school district.
Phishing campaign targets CapitalOne customers
What we know: Cybercriminals have sent phishing emails imitating Capital One’s corporate account. The email asks the customer to provide a copy of any form of identification to ensure they are enrolled with Authentify, an online verification service that recently began a partnership with CapitalOne. The email contains a link to a phony website designed to look similar to CapitalOne’s, where they are taken to two additional pages that ask for the front and back of their identification.
Recommendations: It’s important to remember that no organization will ever ask you for personal information, login credentials, or money. If you are faced with one of these requests, do not engage with the communication. Additionally, anytime you receive a…
