However, eagle-eyed recipients would notice several red flags that point to the email’s illegitimacy.
Plus, the presence of a file expiry date sparks urgency, encouraging the recipient to click on the provided link right away, distracting them from checking the sending address of the email and looking out for any other errors. In addition, by including details like file size and the email address of the sender, the email boosts its credibility, motivating recipients to think there actually is a legitimate file being sent by someone. This email also attempts to intrigue telling the recipient that a new file has arrived creates a sense of curiosity. All this serves to elicit a more confident response from recipients who think they are, in fact, viewing a document from the popular file-sharing service. Cybercriminals have also incorporated screenshots taken from an actual WeTransfer page that rotate through on the background of the phishing page. Several techniques have been employed in this particular email scam to convince recipients of its legitimacy, including the usage of high-quality graphical elements in the phishing page, such as WeTransfer’s branding & logo. With more employees working remotely since the COVID-10 pandemic, it’s common for professionals to share confidential business documents with one another via email, so notifications like this one aren’t likely to raise too much suspicion.
In addition, using a file-sharing notification to trick users is another trick employed by cybercriminals to avoid detection. Please share this alert with your social media network to help us spread the word around this email scam.Ĭybercriminals frequently exploit the branding of global companies like WeTransfer in their scams, because their good reputation lulls victims into a false sense of security, and with such a large number of users they are an easy and attractive target. We strongly advise all recipients to delete these emails immediately without clicking on any links.
#Wetransfer free trial password
Users are then shown a response stating the password entered is incorrect, as per the below: Upon ‘logging in’ and clicking on the link to ‘download file’, users’ credentials are harvested by the cybercriminals behind the scam. It is registered with GoDaddy and hosted using Amazon AWS. This is actually a phishing page that appears to be a compromised website. However, the domain used in the page’s URL doesn’t belong to the company. This page employs multiple branding elements belonging to WeTransfer, including its logo. Unsuspecting recipients who click on the link are led to a login page, asking for the user’s username and password. Recipients are also informed that the files will be ‘deleted on 23April, 2021’.
#Wetransfer free trial download
A link is provided to download the files, along with a few details such as their size and file name. The email body informs recipients that they have been sent some files in the form of a. The email actually originates from a rather generic domain registered by Tucows. However, the domain used in the sender address provided in the ‘From:’ field doesn’t belong to the company – a red flag pointing to the email’s illegitimacy. Masquerading as a file-sharing alert, the email uses a display name of ‘WeTransfer’. MailGuard has intercepted a phishing email impersonating popular file-sharing service, WeTransfer. Using business documents, including contracts, legal documents and finance records, as trojan horses to deliver cyber-attacks continues to be a popular technique among cybercriminals looking to trick users.
0 kommentar(er)
