Since the end of 2019, bank phishing campaigns against Italian users have changed: they now combine, on a massive scale, methods that until then had been used exclusively in targeted attacks, such as:
- Vishing (telephone phishing);
- Smishing (SMS with malicious content);
- Malware (malicious APK);
- Spoofing (spoofing of the caller ID or of the SMS sender);
- Ad Hoc Domains (creating new domains similar in name to the original);
- Toll Free Numbers (used to make communications appear more trustworthy).
The criminal profile has changed as well: the actor is no longer foreign but Italian. This is fundamental for a social engineering attack that no longer spreads only through digital channels but also by phone, where knowledge of the mother tongue helps to deceive the victim and lead them step by step into performing unwanted actions.
As a result, phishing campaigns have also grown rapidly, reaching more than 800 separate campaigns per week against Italian banks or financial services.
Phishing campaigns against Nexi
Since May 2022 we have identified a new criminal actor targeting customers of Nexi SpA, the PayTech of digital payments in Italy. The actor is distinguishable by the creation of ad hoc domains that are very faithful to the original (it usually uses different TLDs, but the domain contains only the word “Nexi”, e.g. Nexi[.]shop, Nexi[.]club, etc.) and by a phishing SMS full of information and details.
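A defender-side check for the domain pattern described above, as an added example that is not part of the original post: it pulls hostnames out of SMS text (including defanged `[.]` forms) and flags those whose registrable label is exactly the brand name on a domain outside an allowlist. The allowlist entry `nexi.it`, the function names and the sample messages are assumptions constructed for illustration.

```python
import re

BRAND = "nexi"
# Assumption: the defender's allowlist of genuine domains; replace with your own.
OFFICIAL_DOMAINS = {"nexi.it"}

# Hostnames in free text, accepting both "." and the defanged "[.]" separator.
HOST_RE = re.compile(r"(?:[a-z0-9-]+(?:\[\.\]|\.))+[a-z]{2,}", re.IGNORECASE)

def extract_hosts(text):
    """Return lower-cased hostnames found in text, with '[.]' refanged to '.'."""
    return [m.group(0).replace("[.]", ".").lower() for m in HOST_RE.finditer(text)]

def registrable(host):
    """Naive registrable domain: the last two labels.
    Multi-label suffixes (e.g. co.uk) need a public-suffix list instead."""
    return ".".join(host.split(".")[-2:])

def is_brand_lookalike(host):
    """True when the second-level label is exactly the brand, off the allowlist."""
    domain = registrable(host)
    return domain.split(".")[0] == BRAND and domain not in OFFICIAL_DOMAINS

def flag_sms(messages):
    """Map message index -> sorted lookalike domains found in that message."""
    hits = {}
    for i, msg in enumerate(messages):
        bad = sorted({registrable(h) for h in extract_hosts(msg) if is_brand_lookalike(h)})
        if bad:
            hits[i] = bad
    return hits

# Constructed sample messages (not real campaign data).
SAMPLE_SMS = [
    "Nexi: accesso anomalo rilevato. Verifica su https://nexi[.]shop/verifica",
    "Il tuo estratto conto e disponibile su https://www.nexi.it/area-personale",
    "Avviso sicurezza: conferma i dati su http://secure.nexi.club/login",
    "Promo: visita https://example.com/nexi per i dettagli",
]

if __name__ == "__main__":
    for idx, domains in flag_sms(SAMPLE_SMS).items():
        print(idx, domains)
```

The rule only covers the exact-label pattern the post describes; variants such as hyphenated or misspelled labels would need a separate similarity check.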