Phishers cash in on WannaCry attack
The UK's ActionFraud cyber crime reporting center is warning customers of BT’s internet services of a phishing scam claiming to protect against WannaCry-style attacks.
The emails claim that BT has launched preventative measures to protect data on an international scale and try to get recipients to click on a link to a 'security upgrade'.
The attack uses convincing-looking branding and domain names which appear very similar to genuine BT addresses and so could catch out the unwary who are concerned about the security of their data after the global attack.
Mike Wyatt, threat researcher at threat management company RiskIQ says, "Savvy threat actors will even use convincing branding, language, and URLs to make it more realistic and more difficult for users to quickly determine the email’s authenticity. However, most brands have very little insight into how their branding is being used in threat campaigns across digital channels. This is a very bad thing because even though the legitimate brands, like BT in this instance, have nothing to do with the threat campaigns, many consumers will still blame them. Consumers may even directly associate the legitimate brands with the bad things that happen to them via the fraudulent use of their branded terms, seriously eroding consumer trust."
You can find out more about the attack, and get advice on spotting phishing emails, on the ActionFraud website.