U.N., UNICEF, Red Cross Under Ongoing Mobile Attack

An ongoing, mobile-focused phishing campaign is targeting the United Nations and several humanitarian aid organizations, including UNICEF, the Red Cross and UN World Food. The campaign is using landing pages signed by SSL certificates, to create legitimate-looking Microsoft Office 365 login pages.

The unusual aspect of the campaign is that it identifies mobile devices; once detected, it then logs keystrokes in real-time as the user enters them into the phishing page.

“Specifically, Javascript code logic on the phishing pages detects if the page is being loaded on a mobile device and delivers mobile-specific content in that case,” explained researchers from Lookout, in a posting on Friday. They noted that mobile web browsers also unintentionally help obfuscate phishing URLs by truncating them, making it harder for the victims to vet the legitimacy of the pages.

Read more…
Source: ThreatPost