• by Ray Schultz , Columnist, Yesterday

Phishing is now a universal problem, affecting businesses at every level and location. 

At the lower end of the tech scale, the city of Auburn, New York, has warned residents about a scam targeting planning and zoning board applicants. 

Intended victims receive emails claiming to be sent by local government planning or zoning officials, Government Technology reports. These emails, which appear to be legitimate, seek payments for permits or processing fees.  

Of course, this is a nationwide scam customized for different cities and jurisdictions.  

At the opposite end, WhatsApp users worldwide are being targeted by a malware campaign that attempts remote system access with VBScript files, cyber security firm Kapersky has found, according to Bleeping Computer.

The VBS files appear to be financial reports, billing statements and other documents that would lead an unsuspecting recipient to open the file, Bleeping Computer writes.  

Those who click through receives additional scripts that, in turn, disable UAC protections, Bleeping Computer continues.  

“Based on evidence collected from multiple victims through social media reports and submitted samples, we can conclude that the threat actor had gained access to several WhatsApp accounts and used them to distribute the malicious VBScript files to contacts on the compromised users’ contact lists,” Kapersky writes, according to Bleeping Computer. 

Meanwhile, a new report by Barracuda Research states that one in seven compromised accounts is now being used to launch additional attacks, and that this type of activity is getting easier. 

“Attackers are using large language models (LLMs) to create highly convincing, personalized messages at scale, without the spelling errors or obvious red flags users were trained to spot," Barracuda writes. “What once required skilled threat actors can now be done by anyone in minutes."

In addition, ClickFix scams “trick users into running malicious commands by presenting fake error messages or ‘fix’ instructions that appear legitimate,” the company continues. “Instead of relying on downloads or traditional malware delivery, attackers manipulate targets.”

That’s not all.  

“The modern attackers’ toolkit also features other, similar, tactics, such as fake login portals, QR code phishing or malicious app permissions, using AI to boost speed and volume and maximize the likelihood that users comply.”

And, many attackers use “adversary-in-the-middle (AitM) techniques to evade authentication defenses such as multifactor authentication (MFA)," Barracuda adds. “Put simply, they insert themselves between the victim and the software application and intercept the login process in real time to capture credentials and session tokens.” 

Is it possible to keep up with these ingenious mechanisms?