Attackers Use Fake Chatbot To Launch Phishing Attacks On Users

Cybercriminals use a fake chatbot via phishing to target unsuspecting victims with malware, according to a new report by Trustwave.

The attack starts with a phishing email pretending to be from DHL. The email content mentions package delivery problems while promoting users to click on a link.

The link directs the victims to a downloadable PDF file, which shows content impersonating DHL. The file tells users that a shipment has been redirected, and to resolve the issue, they must click on another link.

After clicking on the second link, the users are taken to a chatbox-like page. There, some bot messages are displayed asking for confirmation of parcel delivery. There is only Yes/No option. After clicking on the Yes option, the users are asked to enter their e-mail credentials and confirm a Captcha.

In the final phase of the attack, users are asked to enter their credit card details to pay for parcel delivery.

To protect against this form of phishing attacks, users are advised to carefully check each email before clicking on embedded links.

They are also recommended to use email protection solutions to detect phishing campaigns and suspicious emails.

IT World Canada Staff
IT World Canada Staff
The online resource for Canadian Information Technology professionals.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

ITW in your inbox

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

More Best of The Web