Phishing scam mimics highest court in US
Cybercriminals thought to be responsible for a recently exposed phishing scam are thought to be behind another social engineering campaign that mimics the US Supreme Court of Justice, a report has revealed.
Cybersecurity analyst INKY says the latest attack follows similar patterns to that launched by the group responsible for the Calendly phishing scam, sending bogus emails that purport to be from the top US court to harvest credentials.
In this case the email contained a fake summons, threatening arrest if the recipient didn’t appear in court. As with the Calendly campaign, victims were duped into clicking on a malicious link, disguised as a “petition letter” to dispute the court’s verdict.
“There were a lot of things wrong with this message, starting from the fact that the Department of Justice doesn’t send out summonses on behalf of the Supreme Court, which itself rarely issues summonses to witnesses, and never to parties unrelated to a case,” INKY said.
It further pointed out that genuine summonses from the Supreme Court would never threaten those failing to comply with immediate arrest. Poor grammar was another giveaway, along with a clause discussing an appearance date that was never specified in the email text.
Perhaps more worryingly, the phishing email was sent from SendGrid, a legitimate marketing platform, using an authentic IP address – suggesting that the scammers succeeded in bypassing the provider’s verification protocols.
“That the Supreme Court would hear a brand new case before it went through other federal and state courts is highly unlikely,” said INKY. “And failure to appear is not grounds for arrest, it just means you can’t tell your side of the story.”
Recipients of genuine court summonses should never have to sign into an external site to view relevant documents, it added.
More from Cybernews:
War in space: could Russia attack target 'unfriendly' commercial satellites? – interview
Serious hackers – or just a bunch of script kiddies?
The US confirms seizing RaidForums website, its owner - arrested |
Ukraine curbed a Russian cyberattack on the electricity grid
US warns a novel malware could disrupt nations' critical infrastructure
Subscribe to our newsletter
Your email address will not be published. Required fields are marked