Phishing emails that look like a DHL communication are now bringing a new twist – a version of a chatbot that helps drive targeted links to malicious links, according to a new report.
That is, it behaves like a chatbot, but behind the scenes, scripts are pre-programmed to respond with stock phrases based on the victim’s response, according to researchers at Trustwave who reported the phishing campaign strategy. But the effect is the same – Goals think they’re talking to a live DHL representative.
After clicking, the victim’s browser opens a PDF file with another link to the person to “fix the delivery,” the Trustwave team said. Chatbot will ask the victim to confirm the address and tracking number of the delivery and will also present a fake captcha to validate everything. Finally, the target will be asked to enter the login credentials and credit card information, which is collected immediately.
Since chatbots use brands extensively to interact with customers online, end users are no doubt suspicious of interacting with them, the Trustwave team added – this is a perfect social-engineering plot.
“The perpetrators of this phishing campaign are trying to capitalize on this.” Chatbot phishing report Added “phishing emails and websites to deceive the target brand, as well as chatbot-like elements. [is what] Gradually entice the prey to the actual phishing pages. “
