Saturday, September 19, 21:19
Home security Phishing attack targets Stripe users

Phishing attack targets Stripe users

Stripe

Another case of attacks Phishing has come to the fore and this time targets its users Stripe, in order not only to steal credentials account users, but also their banking information.

Cofense researchers have discovered the attack against users of Stripe, a company that provides electronic payment processing. According to researchers, the attack on electronic phishing is not just about stealing data users, but also to trick them into sharing their financial information.

Initially, the attackers send emails to users, which appear to come from Stripe, informing them that their account details are invalid. The malicious agents have made the design of this message quite clever as it distorts the sender's identity as 'Stripe Support'. They have also replaced the "Examine your information" button where users can click on e-mail, with an HTML title tag. This prevents the user from seeing a preview of the embedded link.

By clicking the "Review" button, the user is taken to a malicious site that contains a number of web pages. The first page asks for the credentials, which then leads to another website, asking for the bank account number and users' phone number. The last page redirects the victim to the actual Stripe website to avoid possible crawling.

Be always cautious

While most of the phishing campaigns attract users via email, the technique is not limited to emails. The Criminals use various tricks in the media as well.

To avoid such attacks, users should be careful with all messages they receive, asking them to enter any information. It is possible that an incoming email is part of a phishing attack, unless it is a response that you really expect from a company. For example, the verification / login message you receive when you reset your password to any account in Internet.

Simply put, whenever you receive an email alerting you of a suspected / failed login attempt, expiration / verification / authentication of account or any other matter, try to confirm the source mentioned in the email otherwise. For example, you can call your bank to verify if the message you receive is from them or to contact customer support, such as Microsoft or the Instagram, to validate the message. If you are not sure of the authenticity of an email, it is best to avoid replying.

LEAVE ANSWER

Please enter your comment!
Please enter your name here

Absent Mia
Absent Miahttps://www.secnews.gr
Being your self, in a world that constantly tries to change you, is your greatest achievement

LIVE NEWS

The Windows 10 Android streaming app is available on some devices

Last month, Microsoft announced that Samsung Galaxy smartphones will be able to stream from Android apps to Windows ...

Hackers throw dimokratianews.gr because he insulted Erdogan!

Hacker dimokratianews.gr _ The website dimokratianews.gr was hacked by Turkish hackers because it published a news headline that the Turkish government said offended ...

How to control your data consumption on Android!

Most people need to keep a close eye on data consumption to avoid any surprises in their account. So it is very important ...

What technological innovations determine the future of cybersecurity?

The advancement of technology beyond the facilities it offers, increasing both the speed and the quality of safety performance, ...

Microsoft Outlook: How to block emails from specific senders?

Have you ever received emails from people you do not want? If so, Microsoft ...

US: Department of Commerce abolishes TikTok on September 20th

As announced today by the US Department of Commerce, it will proceed to ban the download of the popular Chinese application TikTok and WeChat, ...

Group Tabs: Chrome will automatically create group Tabs

Google wants to rid users of manually creating tabs from users, so the Chromium team is testing it ...

Pinephone: The version with Manjaro Linux is now available for preorder

A few hours earlier, PINE64 announced that the new Pinephone 'Manjaro Community Edition' is now available for ...

Error allows remote code to run on Apple devices

Bugs found on iPhone, iPad and iPod have been fixed by Apple through new updates for iOS systems ...

The CEO of cyber fraud company NS8 has been arrested for fraud

The CEO of the NS8 cyber fraud company has been arrested and charged with defrauding the company's investors.