Phishing Attempt With Fake Refund Notification Trying To Steel Personal Information

New Phishing attempt at citizens in United Kingdom, with fake refund notification trying to steal privacy of users.The reason for not transferring the money directly into the bank account is that the information provided by the user was inaccurate, scammers seek info that can lead to compromising victims’ bank accounts.The amount of money to be returned is about £100 ($166 / €126).

Suspect thinks that it might be the work of cyber crime hackers.Christopher Boyd of Malwarebytes says that “In the scammy message purporting to come from HM Revenue & Customs there is a link to the alleged refund form, which is stored on a compromised German bicycle shop website“.

The hackers have used Ow.ly URL shortening service to mask the link to the malicious repository, this is a uncommon method for phishing attacks.”The fake refund form asks for name, DOB, address, postcode, account number, full card details…all the usual bits and pieces of information required to swipe the payment information”,says the researchers.

Users are requested to check more than twice from the source from which the email is sent. Every information is very important and users are requested to be careful.Single detail may be the difference between falling victim to the scam or deflecting it.

Related posts

Water Facilities Must Secure Exposed HMIs – Warns CISA

Glove Stealer Emerges A New Malware Threat For Browsers

ANY.RUN Discovers Tricky Phishing Attack Using Fake CAPTCHA