Increase the credibility of the scam and evade security scanners
Cybercriminals often launch campaigns designed to trick customers of Poste Italiane (the Italian Post Office) into handing over their personal information. However, experts from Sophos have come across one scam email that uses some old but interesting techniques.The emails, written in Italian, are entitled something like “Useful information on the new security system,” and they urge recipients to download an attached form and complete it.
To make everything more legitimate-looking, the fake Poste Italiane notification informs recipients that they must use a password – one that’s included in the body of the email – in order to access the form.
According to experts, this tactic might make the attack less successful, since users who don’t read the entire email and rush to open the attachment are prevented from accessing the phishing page. On the other hand, the use of a password might add some credibility to the scam.
The use of a password could also prevent some security scanners from seeing that the HTML file that’s attached to the emails is a phishing page.
Additional technical details on this phishing attack are available on Sophos’ blog.