Attack on the complainer. Let’s say you ordered a product or service from some organization (marketplace, online store, service center – it doesn’t matter) and something went wrong. It’s quite natural to find the official community of this organization on a social network and write a complaint. Communication with the support team is good, but with some public stimulation it’s even better, right? 😉
Only since the complaint is public, it can be read not only by the organization’s employees, but also by attackers. 🤷♂️ They can write to you in a private message, posing as a representative of the organization, and promise to resolve all issues.
You just need to
🔻 go to the website (a phishing one 🪝)
🔻 fill out the form (with personal and card data 💳)
🔻 enter SMS code (2FA from Government Services website 🛂)
🔻 download and run the “helper application” (malware 👾)
There can be many attack scenarios. And there is only one way to resist them – vigilance.
Hi! My name is Alexander and I am a Vulnerability Management specialist. You can read more about me here. Currently, the best way to follow me is my Telegram channel @avleonovcom. I update it more often than this site. If you haven’t used Telegram yet, give it a try. It’s great. You can discuss my posts or ask questions at @avleonovchat.
А всех русскоязычных я приглашаю в ещё один телеграмм канал @avleonovrus, первым делом теперь пишу туда.