Lately, the researchers Security have noticed a new wave of phishing attacks. The hackers behind the phishing emails try to deceive the victims and make them give away their money. Data their credit card or credit card codes Accessed at. Some of these emails are very convincing. However, others are not at all polished, and that's good, because they help users to realise that something is wrong.
According to the security company Mimecast, the new phishing campaign uses emails who tell victims that they are entitled tax refund. In this way they try to convince the victims to give personal information, such as their name, address, telephone number and card details.
This fraud coincided with the submission of UK citizens' tax returns (they had until 31 January). The hackers probably took advantage of this situation and came up with this particular trap.
According to Mimecast, this process is inconvenient for many people, so because of the pressure they are very likely to fall into such a trap.
The positive aspect is that many of the phishing emails have some specifics and some grammatical errors that should attract the attention of users and be more cautious about the specifics. The spelling mistakes, the names of government agencies that they don't sound quite right and others Issues in the form of email should "ring a warning bell". Also, phishing emails come from non-official email addresses. These are some signs to look out for whenever we receive a message from an unknown source.
However, some other emails are very carefully crafted, so they are very convincing.
"Unfortunately, whether they are of good or bad quality, phishing attacks are effective and that's why they continue to be popular," said Carl Wearn, head of cybercrime at Mimecast.
"Any unexpected message from an organisation requesting Details (like the ones mentioned above), is suspicious. It is almost certainly an attempt by fraudsters to steal the credentials you through a seemingly genuine site", he said, adding that when users are asked to put their credentials on a site, they should first search the site on the browser and not put them in what's embedded in the email.
