Cybersecurity experts are alerting users about a new phishing campaign leveraging legitimate AI website builders like DeepSite AI and BlackBox AI to clone Brazilian government sites. These fraudulent pages mimic the State Department of Traffic and the Ministry of Education, tricking users into unauthorized payments through Brazil’s PIX system. Using SEO poisoning techniques, the attackers enhance the visibility of these sites to increase their success rates. Analyzing the source code reveals traits of generative AI tools, illustrating the sophistication of the phishing attempts. Victims are lured into providing sensitive information, including Cadastro de Pessoas FÃsicas (CPF) data. Additionally, a malspam campaign distributing the Efimer Trojan has emerged, targeting users with fraudulent emails. Efimer compiles cryptocurrency wallet information and spreads through compromised WordPress sites. Key targets include major countries like Brazil, India, and the UK. Cybersecurity vigilance is essential amid these rising threats.
Source link
Share
Read more