"New Image-Based Scam Bypasses Filtering, Encourages Victims to Call Attacker"
INKY Technology researchers have detailed a new image-based phishing scam that uses brand impersonation to encourage victims to call the scammers rather than click on a link or download a file. The researchers observed malicious actors using an image-based phishing technique in phone scams, involving sending a phishing email with the message embedded in an attached image. Phishers create an email, convert it to an image, and then send the image to their victims. As most email clients display the image file directly to the recipient rather than sending a blank email with an image attached, recipients will be unaware that they are viewing a screenshot rather than HTML code with text. The email also appears to be safe because there are no links or attachments to open. The goal of sending the phishing message via image is to avoid anti-spam and email security scanning because there is no text in the email. In one case, the researchers observed bad actors impersonating Geek Squad, with potential victims receiving an email stating that their Geek Squad subscription had been renewed for a year and that a large sum of money would be debited from their accounts within 24 hours. When recipients call the phone number listed in the email, they are given options to prevent the payment from going through, including the installation of remote access tools on their computers. Victims are then directed to a malicious website where banking information is requested, and victims are instructed to purchase gift cards in order to be reimbursed for the Geek Squad charges. The effectiveness of the technique is based on instilling fear in victims that they are about to be charged for goods or services they did not purchase. Those behind the scam hope that by eliciting an emotional response, they will impair victims' judgment and cause them to fall for the bait. This article continues to discuss the image-based phishing scam.
SiliconANGLE reports "New Image-Based Scam Bypasses Filtering, Encourages Victims to Call Attacker"