On this video for Assist Internet Safety, Nick Ascoli, VP of Menace Analysis, PIXM, discusses a multilayered phishing campaign focusing on cryptocurrency change Coinbase. Attackers are sending out spoofed Coinbase emails to harvest private credentials and use them to log into customers’ legit accounts in real-time.
How the Coinbase phishing assault works
The attackers current customers with a notification that their account wanted consideration due to an pressing matter (ex: locked account, transaction affirmation). Customers had been prompted to enter login credentials and a 2-factor authentication code into the pretend web site.
With the newly obtained private info, the scammer instantly beneficial properties entry into customers’ legit periods on the coinbase web site.
This assault is centered round three core strategies and is patently completely different from different phishing attacks tracked by PIXM in the way in which that domains keep alive for very brief intervals of time:
- Quick llved domains
- Context consciousness
- 2-factor relay