10. July 2021

This article has been indexed from E Hacking News – Latest Hacker News and IT Security News

Phishing scammers pretending to be customers are contacting live-chat assistance agents with fake issues and getting them to open infected files, says an incident response expert who has seen a surge in incidents using this trick since the start of this year. The scam is similar to other phishing campaigns that leverage communication channels outside of email to target potential victims out of the blue. The technique works because website operators using chat features do not always check files for malware as they are uploaded.

The hackers behind this rising trend are part of a ransomware group and may be using automated scripts to target ‘contact us’ or other chat forums on the web which they can exploit, says Devon Ackerman, managing director and head of incident response for North America with Kroll’s Cyber Risk practice. “From a coding standpoint, I can build logic that will scan for [these chat forms] across any number of websites,” said Ackerman, placing himself in the shoes of an attacker.

After finding the form itself, “the second thing I’m looking for is… an interactable or selectable box [in the form field] that allows me to do a file upload. I can even anonymize myself through a virtual hosting server for maybe five, 10 bucks a month, and just run my script 24 hours a day and let it scan or crawl websites non-stop like a search engine spider or bot would.” 

The attackers then find a target website, identified by the ‘spiders or the bots,’ and build a communication platform suited to the particular company they’re trying to exploit. This stage requires some human effort, because it is quite complex to automate as there are more varia

[…]

Read the original article: Online Support Agents Being Targeted Through Live Chat Platforms