Mrs. Christiana Kozakou, is the Head of Marketing at Odyssey Cybersecurity, where she leads and oversees strategic marketing efforts for Odyssey and ClearSkies brands around the globe. Her expertise lies in designing and coordinating 360-degree marketing campaigns and crafting effective marketing penetration strategies for exploring new markets. Mrs. Kozakou is a dynamic professional driven by her passion for unleashing potential in every endeavour, leading a team of creative marketers, working together towards one goal: to give voice to Odyssey and its people so the world can become a cyber safer place. Throughout her 10 years career, Mrs. Kozakou has served in key roles in Advertising, Business Development and Digital Marketing in International companies. A fervent believer in empowering women, she served as a dedicated volunteer for IWIB’s International Team, fostering growth and opportunities for aspiring leaders. Her educational background boasts a Master of Business Administration (MBA), Bachelor’s degrees in Marketing and Sociology.
A new Phishing Campaign using SMS messages impersonating an International Courier Organization found.
Threat Level Description
Threat Level: High – An attack is highly likely. Additional and sustainable protective security measures reflecting the broad nature of the threat combined with specific business and geographical vulnerabilities and judgments on acceptable risk.
We have observed that while the local and international trade is struggling to respond to the coronavirus crisis, a new malicious campaign, using phishing SMS messages, targets the consumers, impersonating a known international courier organization.
A malicious scammer or syndicate, utilizing these fraud SMS messages, could aim in stealing users’ credentials and banking accounts information. In addition, the fraudsters could compromise the victim’s mobile and eavesdrop his/hers actions and/or spread malware.
The phishing SMS campaign impersonates the DHL international courier organization, informing the unsuspected clients that their parcels have arrived and that in order to proceed with the delivery the clients should pay a small amount (~2€). In the malicious SMS message is included a link that the client should follow in order to complete the transaction and receive his/her parcel.
By clicking on this malicious link the fraudsters could compromise the client’s mobile phone and steal his/hers banking credentials and accounts’ information. Furthermore, the malicious actors could infect the mobile device with malware and perform further attacks.
Note, that it is observed that mobile phishing attacks are increasing due to the fact that people spending more time on their phones for purchases and work.
The guidelines below will help you protect against e-Fraud and its associated security threats:
• Do not open e-mail and SMS messages from unknown sources. Be suspicious of emails and SMS messages purporting to be from financial institution, government department, or other agency requesting account information, account verification or banking access credentials such as usernames, passwords, PIN codes, and similar information. Opening file attachments on clicking on web links in suspicious emails could expose your system to malicious code that could hijack your computer.
• Never respond to a suspicious email/SMS or click on any hyperlink embedded in a suspicious email/SMS. Call the purported source if you are unsure who sent an email/SMS.
• If an email/SMS is claiming to be from your financial organization seems suspicious, checking with your financial organization may be appropriate.
• Install anti-virus and spyware detection software on all computer and mobile systems. Free software may not provide protection against the latest threats compared with an industry standard product.
• Update your computers and mobile device regularly with the latest versions and patches of both antivirus and antispyware software.
• Ensure computers and mobile devices are patched regularly, particularly operating system and key application with security patches.
• It is strongly recommended to implement a Security Awareness program, addressed to all your management and staff, designed to increase the level of understanding regarding Social Engineering and security threats in general.