FBI warns of cybercriminals abusing search ads to promote phishing sites

In both versions of the scheme, the spoofed portal prompted customers to enter account credentials and telephone numbers, and to answer security questions. These actions failed to grant access, at which point the account holder would receive a telephone call from the cyber actor who falsely claimed to represent the financial institution. While this individual occupied the customer in a lengthy process purported to restore account access, an associate would access the financial institution’s legitimate portal using the customer’s stolen credentials and initiate wire transfers from the account. Victims subsequently learned about the illicit transfers from the financial institution or when they eventually logged into the correct portal.”

Add a Comment

Your email address will not be published. Required fields are marked *