involving the spoofing of luxury brands, including Louis Vuitton, Rolex, and Ray-Ban.
The hackers craft enticing emails promising heavy discounts on these luxury products, with the email addresses manipulated to mimic the authenticity of the brands.
Despite the appearance of legitimacy, a closer look reveals that the email origins have no connection to the actual luxury companies, CPR noted.
Once the links within these emails are clicked, victims are led to websites meticulously designed to replicate the official sites of the targeted brands. These fraudulent sites peddle luxury goods at unbelievably discounted prices.
Check Point said the real danger of these sites is that they prompt users to enter their account details, which then become vulnerable to theft by the attackers.
Delivery Sector Continues to Be Leveraged by Cybercriminals
Ahead of the busy online shopping season, CPR also noted how cybercriminals are manipulating the delivery and shipping sectors.
In October 2023, there was a staggering 13% increase in the number of malicious files associated with orders and delivery/shipping compared to October 2022.
Recently, CPR found an Agent Tesla malware campaign in which archive files are delivered as email attachments, using subjects related to orders and shipments, such as po-######.gz and shipping documents.gz, to lure the victim into downloading the malicious file.
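The two lures described above (a luxury-brand display name on an unrelated sender domain, and order- or shipping-themed .gz attachments) can be checked at mail triage. The following is an added example, not code from CPR or the article; the brand-to-domain map, the reading of "#" as a digit, the treatment of the reported names as attachment filenames, and all sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.message import EmailMessage
from email.utils import parseaddr

# Assumption: defender-maintained map of brand names to legitimate sender domains.
BRAND_DOMAINS = {
    "louis vuitton": {"louisvuitton.com"},
    "rolex": {"rolex.com"},
    "ray-ban": {"ray-ban.com"},
}
# Assumption: "#" in the reported name "po-######.gz" stands for a digit.
LURE_ATTACHMENT = re.compile(r"^(po-\d+|shipping documents)\.gz$", re.I)

def _owned(domain, legit):
    """True if domain is one of the legitimate domains or a subdomain of one."""
    return any(domain == d or domain.endswith("." + d) for d in legit)

def triage(raw):
    """Return findings for one raw RFC 5322 message."""
    msg = message_from_string(raw)
    display, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    findings = []
    for brand, legit in BRAND_DOMAINS.items():
        # Brand named in the display name, but the address belongs to someone else.
        if brand in display.lower() and not _owned(domain, legit):
            findings.append(f"brand-mismatch:{brand}:{domain}")
    for part in msg.walk():
        name = part.get_filename()
        if name and LURE_ATTACHMENT.match(name.strip()):
            findings.append(f"lure-attachment:{name}")
    return findings

def sample(from_hdr, subject, attachment=None):
    """Build a constructed test message (not real campaign data)."""
    m = EmailMessage()
    m["From"], m["Subject"] = from_hdr, subject
    m.set_content("constructed sample body")
    if attachment:
        m.add_attachment(b"\x1f\x8b", maintype="application",
                         subtype="gzip", filename=attachment)
    return m.as_string()

if __name__ == "__main__":
    print(triage(sample('"Louis Vuitton Outlet" <deals@shop-discount.example>', "80% off")))
    print(triage(sample("Logistics <ops@carrier.example>", "Order", "po-123456.gz")))
```

A display-name match is only a triage signal; it should feed review or scoring alongside SPF, DKIM and DMARC results rather than block mail on its own.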
Be Wary of Phishing Websites
CPR also highlighted examples of phishing websites that share similar registration information and look similar to each other, offering well-known shoe brands at ridiculous prices.
Cybercriminals have invested significant effort in crafting deceptive websites that closely mimic authentic platforms, CPR noted.
This strategy aims to trick end-users into willingly providing their credentials. URL phishing serves as a pretext for executing credential harvesting attacks, and when executed effectively, it can result in the theft of usernames, passwords, credit card details, and other sensitive personal information.
In particular, successful instances often prompt users to log in to their email or bank accounts.