If you regularly read Cyber guards, you understand that our readers may meet interesting phishing scams. It’s to make them aware so that they don’t fall into scams from the remainder. This is the situation with the recent phishing campaign discovered and communicated with us by Reversing Labs before publishing. What sets this scam out is that it utilizes fake JavaScript login forms produced directly by the PDF attachment instead of using fake landing pages.
Tax records are often self-protected with login notifications
You are likely to be aware of password-protected PDF documents used to safeguard sensitive tax data when you send tax files regularly by e-mail to your company.
However, in fact this login prompt is displayed by a JavaScript script that instead submits any submitted credentials to a long URL at http:/sellercentral.amazon.de.56U8 GTHDGT4U7YWEWE 84GTYS.abecklink.
Protect yourself against this kind of scam.
We usually inform you to check any landing pages ‘ URL for phishing scams to ensure they look valid. We also recommend that you log on to locations in your official domains only, not via an attachment. In this case, a login prompt will be generated to open a protected PDF document, no URLs will be displayed, and this would occur. This is why you always have to check the sender’s landing page URLs to ensure that they fit with a legitimate domain and the email you received. You have to be even more vigilant when it comes to tax papers and reach the sender to verify that they have sent you sensible data via email.