CSIRT warns of bank phishing for pre-approved credit

Summary

The Computer Security Incident Response Team (CSIRT) has identified a phishing campaign through an email whose message tries to deceive the users of Banco de Chile. The attacker sends a message that talks about the existence of an available credit of $ 500,000 pesos. In the message, scammers send a link through which credit is approved. By selecting the link, the person is directed to a site similar to that of the Bank.

Observation

We request to take into account the signals of commitment as a whole

IoCs

Url’s:

https[:]//horizonpersongroup[.]site/area-grupal/bancochile/wps/wcm/connect/Personas/Portal/public/cliente

Sender

info@jolabour.com

info@www.merufyi.com

Smtp Host

[27,254,238,225]

[202.181.99.17]

Subject:

Don’t run out of cash Approved credit of $ 500,000

Recommendations

Keep your platforms updated (Office, Windows, Adobe Acrobat, Oracle Java and others)

Evaluate the preventive blocking of commitment indicators

Keep all technology and threat detection platforms updated

Review the security controls of the AntiSpam and SandBoxing

Perform permanent awareness for users about these types of threats