Take the pledge to vote

For a better tommorow#AajSawaroApnaKal
  • I agree to receive emails from News18

  • I promise to vote in this year's elections no matter what the odds are.
  • Please check above checkbox.

    SUBMIT

Thank you for
taking the pledge

Vote responsibly as each vote counts
and makes a diffrence

Disclaimer:

Issued in public interest by HDFC Life. HDFC Life Insurance Company Limited (Formerly HDFC Standard Life Insurance Company Limited) (“HDFC Life”). CIN: L65110MH2000PLC128245, IRDAI Reg. No. 101 . The name/letters "HDFC" in the name/logo of the company belongs to Housing Development Finance Corporation Limited ("HDFC Limited") and is used by HDFC Life under an agreement entered into with HDFC Limited. ARN EU/04/19/13618
»
2-min read

Amazon Prime Day 2019: Beware of Fake Sites Made by 16Shop Phishing Tool to Trap Users

Discovered by security researchers Oliver Devane and Rafael Pena of McAfee Labs, 16Shop is the same phishing tool that was used to target Apple users.

Shouvik Das | News18.com@distantvicinity

Updated:July 12, 2019, 9:53 PM IST
facebookTwitterskypewhatsapp
Amazon Prime Day 2019: Beware of Fake Sites Made by 16Shop Phishing Tool to Trap Users
Discovered by security researchers Oliver Devane and Rafael Pena of McAfee Labs, 16Shop is the same phishing tool that was used to target Apple users.
Loading...

As users gear up to find the best deals ahead of Amazon Prime Day Sale 2019, security researchers Oliver Devane and Rafael Pena of McAfee Labs have discovered a critical phishing threat that has been targeting Amazon users since May 2019, called 16Shop. According to the discovery, the tool has been previously used against Apple users, wherein it created a fake login page and urged users to re-enter credit card details, thereby leading to financial theft.

The McAfee researchers have noted that while the 16Shop phishing tool may not be operated by the same person as before, it appears to be an identical copy of the one that affected many Apple users worldwide. Previously operated by an Indonesian hacker who goes under the alias of 'DevilScreaM', the 16Shop phishing tool is claimed to have been marketed to vendors through a closed Facebook group as well, which in turn may have resulted in more attackers using it to target large-scale websites such as Amazon. While USA and Indonesia are known to be the targeted markets so far, it is not clear if Indian websites are also being targeted now.

According to the information revealed so far, the 16Shop tool uses multiple domains that replicate an Amazon login screen in order to steal credentials of a users, and subsequently, previously added credit or debit card data. This can prove to be incredibly fatal, since the Amazon Prime Day Sale typically sees millions of users accessing the e-commerce giant's portal to avail time-bound deals and discounts, and often end up spending a significant chunk of money during this period. Seeing that Amazon is slated to experience a higher amount of activity than usual, it is imperative that users remain more cautious than ever.

The most certain fix for users across the world is to not access any URL that offers an Amazon login interface, apart from the official URL itself. Emails sent with offers, or prompts that state that a user's account credentials have been suddenly reset or locked (like the 16Shop attackers did with Apple) are best left untouched and deleted. According to the McAfee Labs blog post, the following six URLs are being used to lure users into a trap, and for the sake of safety, users should add these addresses to the blacklist of whichever firewall they are using.

The URLs are: (warning: Do not click on any of these addresses, or access voluntarily)

verification-amazonaccess.secure.dragnet404.com/

verification-amazon.servicesinit-id.com/

verification-amazonlocked.securesystem.waktuakumaleswaecdvhb.com/

verification-amazonaccess.jaremaubalenxzbhcvhsd.business/

verification-amazon.3utilities.com/

verification-amaz0n.com/

Devane and Pena conclude their alert against this recent threat by stating, "During our monitoring, we observed over 200 Malicious URLs serving this phishing kit which highlights its widespread use. This demonstrates how malicious actors use legitimate companies to leverage their attacks and gain victims’ trust and it is expected that these kinds of groups will use other companies as bait in the future."

| Edited by: ---
Read full article
Loading...
Next Story
Next Story

Also Watch

facebookTwitterskypewhatsapp

Live TV

Loading...
Countdown To Elections Results
To Assembly Elections 2018 Results