The Countdown Begins When Phishing Meets Ransomware

Set the timer and pay up. That’s how a new cyber attack strategy pressures victims into giving up their credentials.

The new phishing attack appears to be a hybrid that models its tactics after ransomware attacks. It starts with a message about a false log-in attempt from one of the person’s accounts, asking the user to click on a verification link. By creating a sense of urgency, criminals can persuade victims to act faster.

Once the link has been clicked, the site that opens displays a countdown clock. It starts at 1 hour and urges the user to enter their username and password to validate their account. The page claims that if the clock reaches 0 before this happens, the user risks their account being deleted. This isn’t actually true, and the countdown clock means nothing; it’s designed to panic the person in the hope that they’ll give up their login info.

Threat actors can use the credentials they steal to gain network access, plant ransomware or malware on other devices, or sell the stolen information on the dark web. Phishing attacks are extremely common and lucrative for cyber-criminals. If you’re concerned about a password being stolen, you can always use multi-factor authentication (MFA) or a password manager to keep your logins more secure.

