Valentine’s day is universally known as the day when people show their affection for another person or people by sending cards and gifts with messages of love but criminals are targeting online daters in the lead up to Valentine’s Day, according to trade group UK Finance. This coincides with recent reports that show there has been an overall rise in online fraud as scammers and threat actors take advantage of people affected undesirably by the Covid-19 pandemic.
Our society inclines towards online shopping due to everyone being overly occupied with their jobs alongside the rising pandemic, there’s not a lot of time or ability to shop in person. The increase in online shopping has also resulted in an increase in phishing practices on the internet. It has become a prevalent issue within society ranging from the number of online scandals, including fake websites, and stealing money from accounts. These occurrences suddenly surge during holidays or festivals. Valentine’s Day has led to a rise in scams too Pandora, one of the largest jewellery brand, became a victim of this malicious practice recently, according to a report by CheckPoint.
Renowned jewellery brand Pandora became a target of an online phishing scam when people were sent emails by a fake website trying to copy the jewellery brand. The fake website showed Pandora products at an excessively low rate during Valentine’s week.
The fake jewellery website targeted people by showing unreasonably cheap products and marking them as Valentine’s discount. The report spoke about an emailer sent to various email ids/probable customers trying to buy special presents for their loved ones. Initially the emailer looked genuine, but intricate elements made it clear that is was apart of a phishing attempt. The first one being the address of Pandora, which was written in lower case and it was unusual for the original Pandora website and emailers.
The year on the emailer was not updated to 2021 and still showed 2020, this proved that the email was fake, however, there were other giveaways too, like the bogus email address from which the mails were sent was not related to Pandora. On top of that, clicking on any of the links, directed the customers to a fake page that had a relatively different URL but the website looked easily comparable to the original Pandora.
photocredit: hindustantimes.com
Emails pretending to confirm hefty orders from lingerie shop Ajour Lingerie and flower store Rose World are also spreading the BazaLoader malware. Numerous individuals have received “recent order” email confirmations for flowers or lingerie. These emails are part of a spear-phishing attack, which ultimately leads recipients to a malicious text that executes the BazaLoader malware.
The BazaLoader downloader is written in C++ and has the key function of downloading and implementing additional modules. The spear-phishing campaigns were distributed across a diverse set of companies and sectors. Researchers said that if the user visits the website, goes to Contact Us, and enters the order number in the order ID, the site will redirect the user to a landing page, the landing page links to and explains how to open the Excel sheet. The Excel sheet contains macros that will download BazaLoader if enabled.
It is vital that we stay vigilant in order to avoid any risk of falling victim to the surfacing phishing attacks. To read our spearphishing blog, click here
Get our latest cyber intelligence insights straight into your inbox every week
Fill out the short form below to subscribe to our newsletter so that you never miss out on
our cyber intelligence insights and news.
Privacy Overview
This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.
Orpheus is a leading cyber security company that offers predictive and actionable intelligence to clients, enabling them to anticipate, prepare for, and respond to cyber threats. Our threat intelligence is used to create threat-led cyber risk ratings, providing a more accurate assessment of risk than just analysing an organisation’s attack surface. Products include; External attack surface management, risk-based vulnerability management, third-party supply chain risk management and cyber threat intelligence. Cyber security jobs and careers.
Strictly Necessary Cookies
These cookies are strictly necessary to provide you with services available through our website and to use some of its features. These must be enabled at all times, so that we can save your preferences.
Orpheus is a leading cyber security company that offers predictive and actionable intelligence to clients, enabling them to anticipate, prepare for, and respond to cyber threats. Our threat intelligence is used to create threat-led cyber risk ratings, providing a more accurate assessment of risk than just analysing an organisation’s attack surface. Products include; External attack surface management, risk-based vulnerability management, third-party supply chain risk management and cyber threat intelligence. Cyber security jobs and careers.
If you do not enable Strictly Necessary Cookies, we will not be able to save your preferences. This means that every time you visit this website you will need to enable or disable cookies again.
Orpheus is a leading cyber security company that offers predictive and actionable intelligence to clients, enabling them to anticipate, prepare for, and respond to cyber threats. Our threat intelligence is used to create threat-led cyber risk ratings, providing a more accurate assessment of risk than just analysing an organisation’s attack surface. Products include; External attack surface management, risk-based vulnerability management, third-party supply chain risk management and cyber threat intelligence. Cyber security jobs and careers.
3rd Party Cookies
This website uses Google Analytics to collect anonymous information such as the number of visitors to the site, and the most popular pages.
Keeping this cookie enabled helps us to improve our website.
Orpheus is a leading cyber security company that offers predictive and actionable intelligence to clients, enabling them to anticipate, prepare for, and respond to cyber threats. Our threat intelligence is used to create threat-led cyber risk ratings, providing a more accurate assessment of risk than just analysing an organisation’s attack surface. Products include; External attack surface management, risk-based vulnerability management, third-party supply chain risk management and cyber threat intelligence. Cyber security jobs and careers.
Please enable Strictly Necessary Cookies first so that we can save your preferences!
Orpheus is a leading cyber security company that offers predictive and actionable intelligence to clients, enabling them to anticipate, prepare for, and respond to cyber threats. Our threat intelligence is used to create threat-led cyber risk ratings, providing a more accurate assessment of risk than just analysing an organisation’s attack surface. Products include; External attack surface management, risk-based vulnerability management, third-party supply chain risk management and cyber threat intelligence. Cyber security jobs and careers.
Orpheus is a leading cyber security company that offers predictive and actionable intelligence to clients, enabling them to anticipate, prepare for, and respond to cyber threats. Our threat intelligence is used to create threat-led cyber risk ratings, providing a more accurate assessment of risk than just analysing an organisation’s attack surface. Products include; External attack surface management, risk-based vulnerability management, third-party supply chain risk management and cyber threat intelligence. Cyber security jobs and careers.
Request Demo Access
Fill out your details below and we'll be in touch to arrange demo access for you as soon as
possible.