Summary: Researchers at Palo Alto Networks Unit42 have identified a new phishing tactic that utilizes PDF documents to deceive victims into believing their Amazon Prime memberships have expired. Victims are led to fake Amazon pages where they are prompted to enter their personal and credit card information. This campaign highlights the need for heightened vigilance regarding email attachments, as they are a common vector for phishing attacks.
Affected: Amazon Prime users
Keypoints :
- Phishing campaign uses PDF documents linked to fake Amazon membership expiration notices.
- Victims are redirected to phishing websites that impersonate Amazon after clicking on PDF links.
- Initial attack links utilize cloaking methods to evade detection and analysis.
Source: https://www.darkreading.com/cyberattacks-data-breaches/phishing-campaign-malicious-amazon-pdfs