Individuals traveling to Singapore, Malaysia, and the UK have been subjected to a novel phishing campaign exploiting online arrival card submissions in a bid to exfiltrate personal details, SiliconAngle reports.
Attacks involved the delivery of malicious emails warning travelers of potential denied entry due to incomplete immigration requirements that include a link redirecting to a fake government portal-spoofing website facilitating login credential and payment data theft, a report from Cofense revealed. Additional findings showed the presence of pre-filled personal details belonging to the target, which may have been obtained from dark web. "This level of detail suggests a highly targeted approach and that the personally identifiable data may have been purchased from the dark web, thus making the attack both unique and alarming. Reports of data breaches at organizations containing relevant information such as Philippine passport data make it even more likely that the stolen information was purchased online," said Cofense researchers.
