Cybercriminals use a fake chatbot via phishing to target unsuspecting victims with malware, according to a new report by Trustwave.
The attack starts with a phishing email pretending to be from DHL. The email content mentions package delivery problems while promoting users to click on a link.
The link directs the victims to a downloadable PDF file, which shows content impersonating DHL. The file tells users that a shipment has been redirected, and to resolve the issue, they must click on another link.
After clicking on the second link, the users are taken to a chatbox-like page. There, some bot messages are displayed asking for confirmation of parcel delivery. There is only Yes/No option. After clicking on the Yes option, the users are asked to enter their e-mail credentials and confirm a Captcha.
In the final phase of the attack, users are asked to enter their credit card details to pay for parcel delivery.
To protect against this form of phishing attacks, users are advised to carefully check each email before clicking on embedded links.
They are also recommended to use email protection solutions to detect phishing campaigns and suspicious emails.