
Are you GDPR-compliant? New phishing message harvests credentials with GDPR lure

What's this blog post about?

A new phishing campaign is targeting businesses across various industries, using compliance with the European Union's General Data Protection Regulation (GDPR) as a lure to harvest email login credentials. The attacker creates a sense of urgency by claiming that the recipient's email security is not GDPR-compliant and requires immediate action. The campaign predominantly targets public-facing email addresses, with some instances targeting executives and upper management in the sales department. The phishing messages are sent from Virtual Private Server (VPS) IP addresses, which preserve the attacker's anonymity and can be swapped out easily once they are identified as phishing infrastructure. The malicious payload is a link to a credential harvester hosted on compromised WordPress sites, which forwards the stolen credentials to the attacker. To avoid falling victim to such attacks, companies should ensure employees are knowledgeable about data security and privacy regulations, understand the risks of clicking unsolicited links, and use dedicated security solutions for email verification.

Company
Cloudflare

Date published
Sept. 23, 2020

Author(s)
Elaine Dzuba

Word count
1411

Language
English

Hacker News points
None found.


By Matt Makai. 2021-2024.