FROM THE COMODO LABS: Alibaba.com The Subject Of New Phishing Attack

Web Sites Leak Reading Time: 3 minutes

The Comodo Antispam Labs (CASL) team has identified a new phishing attack targeted specifically at businesses and consumers who may use Alibaba.com, the global trading web site.

phishing attack

As part of a random phishing campaign, the fake emails are being sent from the spoofed address feedback@service.alibaba.com – which to a business or consumer could appear to be sent from a legitimate email address, but it is not.

The email is designed to ask alibaba.com customers to verify their account, to (ironically) cut down on spam and fraudulent emails – when in actuality, it is stealing the passwords of alibaba.com users, when they log in to verify the information.

The Comodo Antispam Labs team identified the alibaba.com phishing email through IP, domain, and URL analysis.

“Cybercriminals are getting more and more creative each day – trying to use breaking news in the world of technology to try and take advantage of businesses and consumers and steal data, passwords, and financial information,” said Fatih Orhan, Director of Technology for Comodo and the Comodo Antispam Labs. “As a company, Comodo is working diligently in creating innovative technology solutions that stay a step ahead of the cyber criminals, protect and secure endpoints, and keep enterprises and IT environments safe.”

The Comodo Antispam Labs team is made up of more than 35 IT security professionals, ethical hackers, computer scientists and engineers, all full time Comodo employees, analyzing and filtering spam, phishing and malware from across the globe. With offices in the US, Turkey, Ukraine, the Philippines and India, the CASL team analyzes more than 1,000,000 potential pieces of phishing, spam or other malicious/unwanted emails per day, using the insights and findings to secure and protect its current customer base and the at-large public, enterprise and Internet community.

For the System IT Administrators who think their IT may be susceptible to the spoofed phishing email and want to help protect their infrastructure, the sending IP address is 91.231.87.147 and webmaster@uam.name is the original sender of the email.

If you feel your company’s IT environment is under attack from phishing, malware, spyware or cyberattacks, contact the security consultants at Comodo: https://enterprise.comodo.com/contact-us.php

Email Content
From: Alibaba member <feedback@service.alibaba.com>
Subject: Alibaba member account verification

Alibaba Member Services

There are two verification links inside the e-mail but they both simply hyperlink to the same link, which takes the user to a landing page with the Alibaba.com logo and sign-in information

After the user logs into the system with the email and password, a screen prompt surfaces that shows the “verification” has been complete (and thus, the passwords and ID have been stolen by the cyber thieves):

Verification Completed

TEST YOUR EMAIL SECURITY GET YOUR INSTANT SECURITY SCORECARD FOR FREE Source: https://blog.comodo.com/comodo-news/alibaba-phishing-attack/

Generative Data Intelligence

FROM THE COMODO LABS: Alibaba.com the subject of new phishing attack

Minimum Viable Compliance: What You Should Care About and Why

Military Tank Manual, 2017 Zero-Day Anchor Latest Ukraine Cyberattack

Latest Intelligence

Drone Racing League Acquired by Infinite Reality for $250M

Rafale enters Croatian service

US private equity firm Thoma Bravo to acquire UK cybersecurity company Darktrace for $5.3 billion in cash – Tech Startups

US to provide $6B to fund long-term weapons for Ukraine, officials say

The 17 Largest Global Startup Funding Rounds of March 2024

UK explores new radar and IR tech to enhance SDA

Chat with us