Stay alert against Temu phishing scams: Cybersecurity experts warn of scammers using fake giveaways to steal credentials.
Over 800 new 'Temu' domains registered in the past 3 months.
Temu is the latest brand chosen by scammers for their phishing scams.
For your information, Temu is an international e-commerce store having 40% of its user base in the USA. It offers discounted goods shipped directly to consumers.
Temu was launched in 2022 and is available in 48 countries, including Europe, the Middle East, Southeast Asia, and Australia.
The sample phishing email identified by researchers claims to be from Temu Rewards.
If you look closely, it is sent by an unrelated email address- onmicrosoft.com.
The email contains a blank image and a link to a credential harvesting page.
According to Checkpoint's blog post, the email has Temu's name as the sender.
If the user realizes the sender address isn't related to Temu or the links don't lead to a Temu page, they'll stay away from this scam.
The email should raise suspicion as it is sent from a generic address on onmicrosoft com, and the image does not load. Brand Names and Phishing.
In November 2022, Hackread reported that Cyjax researchers discovered a sophisticated phishing campaign targeting over 400 brands across various sectors.
The scammers, likely having Chinese affiliations, used 42,000 domains to distribute malware and generate ad revenue with at least 24,000 survey/landing domains used to promote the scam.
Cybersecurity researchers at Bloster AI recently discovered a USPS Delivery phishing campaign utilizing advanced techniques to target victims in the US. Bolster's CheckPhish detected over 3,000 phishing domains mimicking Walmart.
A phishing scam targeting Meta Platforms, Inc. business owners to steal their email addresses and passwords, leading to the takeover of their Facebook page, profile, and financial information was discovered in January 2024.
The scam used Meta Platforms' authority to create urgency and legitimacy.
Temu itself has faced several cybersecurity-related issues, including allegations of collecting user and device data such as text messages and banking information.
Another report surfaced, implicating Temu in the unauthorized disclosure of customer data, particularly in connection with data purportedly appearing for sale on the dark web after customers make purchases through the app.
It's crucial to emphasize basic security measures with users and ensure that all threats can be stopped, both simple and sophisticated, especially scams like these, which exploit users' trust in big brands.
To protect against phishing attacks, security professionals must implement AI-based security, robust URL protection, and full-suite security to scan documents and files.
This Cyber News was published on www.hackread.com. Publication date: Fri, 09 Feb 2024 11:13:05 +0000