Fraud experts are warning UK netizens of a sophisticated new phishing scam that uses the recent WannaCry ransomware campaign as a lure to trick users into clicking on malicious links.
Action Fraud issued an alert late last week, claiming to have already received several reports of the BT-branded scam email.
“After analyzing the email, the domains appear very similar and this could easily catch out those who are concerned about the security of their data after the global attack,” the fraud prevention organization warned.
The message itself is pretty convincing, urging recipients in near flawless English to click on a “confirm security upgrade” button to re-establish full access to a BT account it claims has been restricted following the WannaCry outbreak.
“If you receive one of these emails do not click on any links and follow our advice on how to stay safe. Instead, go to the BT website directly and log in from there,” Action Fraud advised.
“We are also aware that companies are sending out legitimate emails of reassurance in connection with the recent cyber-attack, if in doubt contact them directly on a method other than the email you have received.”
Phishing attacks are becoming increasingly popular among the black hat community: the tactic was present in a fifth (21%) of attacks last year, up from just 8% the previous year, according to Verizon.
Separate data from the Anti-Phishing Working Group for 2016 points to over 1.2 million recorded phishing attacks worldwide, up a whopping 65% from 2015.
A template called 'Message from Administrator' had the highest average click rate of 34%, according to Wombat Security’s State of the Phish 2017 report, showing that work-related lures are most successful in getting clicks.
However, newsworthy events and popular brands, as in this BT scam, are also favoured by cyber-criminals, who use them as the initial lure, especially for consumer-based campaigns.