We recently observed a new variation of the creepy Bitcoin Sextortion Email Scam. Like those scams, the attacker sends emails claiming to have access to the recipient's computer files and webcam, and threatens to send embarrassing video to all the recipient's contacts unless a ransom is paid. However, there is one thing different: the scammer demands to be paid through Monero instead of Bitcoin.
Legacy anti-phishing software fails to detect what we call “Microjacking” — hijacking another's Microsoft’s resources to host phishing attacks. In today's catch of the day, we share an example of this in a phishing email that INKY stopped.
Just when we think we've seen it all, we block a clever but dangerous phishing technique like this one. We call this "Phishception" because, like the layered storyline of the movie "Inception", here the phish is found nested within another phishing email.