It seems that unscrupulous activities by Cyber Criminals won’t be letting up soon, as two different types of attacks were recently discovered; Spammers are looking to steal your bank information by disguising itself as a legitimate website domain, while another cyber-attack focuses on Chrome Extensions to potentially steal your credentials.
This goes to show that anyone using the internet, and that’s pretty much everybody, needs to be wary and should always be on the alert.
Be very careful while typing your bank website domain
Typing a bank website domain is taken for granted by most people to access an account.
However, these are the kinds of negligent people hackers are looking for.
Spammers have created fake bank website domains that are very similar to the real websites. These criminals use these bogus websites to spread their malware programs to take control of users’ login credentials, according to researchers at My Online Security and SANS Institute’s Internet Storm Center.
Here are some of those bogus web sites found by the researchers which are already taken down.
- hsbcdocs.co.uk
- nationwidesecure.co.uk
- santandersecuremessage.com
When users mistakenly type the domains above, they would be exposed to a bank malware called Trickbot. The malicious program has the capacity to hijack a user’s login credentials without their knowledge.
People are easily tricked by these kinds of websites because the domains used servers with full email authentication and especially HTTPS, which is an encrypted communications protocol found only on trusted websites.
Cyber criminals attack Chrome extensions
Hackers were able to take control of several Chrome extensions putting users at risk. Apparently, criminals were able to take control of these Chrome extensions after its developers were victimized by phishing emails, revealed by researchers at Proofpoint.
These are the list of Chrome extensions that were compromised due to the attack.
- CopyFish
- Web Paint
- Social Fixer
- TouchVPN
- Betternet VPN
Proofpoint said in a statement, “Several Chrome extensions were compromised after their author’s Google Account credentials were stolen via phishing scheme,” cited in a report from WCCFTECH.
After gaining control of the developer’s login credentials, hackers are able to spread malicious versions of the Chrome extensions.
The investigation by Proofpoint was initiated after Chris Pederick, the developer of the Web Developer Chrome extension, revealed through his Twitter account that his program was breached by cyber criminals.
