Attached to the message is a link to download a PDF file from a legitimate server of a file sharing platform. Since it is a recognized domain that is classified in many systems as white and pre-approved, it passes the corporate security filters and does not automatically trigger an alert. Within the PDI file itself, another link is integrated, which points to a phishing site impersonating the Google login page. The victim is asked to enter a username and password, and sometimes also a verification code. Once the details are typed, they are passed to the attacker.
After stealing the account information, the attacker enters the victim’s Google account and sometimes also other services connected to it. Using the stolen credentials, he connects to the Jumbo Mail platform and creates a new malicious link. In the final step, he returns to the hacked mailbox and sends the new link to the victim’s contacts. This creates a chain of infection where real users unknowingly become the distributors of the scam.
The company emphasizes that the Jumbo Mail servers themselves were not hacked and that the malicious messages are not sent from the company’s servers. The emails are distributed directly from hijacked private mailboxes, and the link points to a legitimate download page on the platform that contains the malicious file. It was also reported that users who activated two-step verification were protected against the hijacking of the account and its misuse.
The company recommends the public to take immediate steps. First and foremost, enable two-step verification on every email account. According to them, this is the main defense measure that prevents the attacker from using the hijacked account to continue spreading the fraud. It is also recommended to verify by telephone with the sender when a message of a legal or financial nature is received, especially if it includes an urgent demand for action.
In addition, it is recommended to use the preview option in the cloud before downloading files to the PC, to reduce the risk of running malicious files. Information security managers in organizations are offered to switch to managed corporate accounts, which enable centralized identity management and stricter security policy enforcement, with the aim of reducing information leaks and preventing misuse of hacked accounts.
https://zenwriting.net/shannonhowell/exploring-the-growing-market-of-apartments-for-sale-in-calpe
https://www.startus.cc/company/solinea-real-estate-spain
https://www.getlisteduae.com/listings/solinea-real-estate-2
https://www.brownbook.net/business/54837610/solineareal-estatespain
https://www.pinterest.com/pin/1138495980818209232
https://myspace.com/propertypulse/post/activity_profile_58464406_83250682a7fd4cad851a1053b7e675a4/comments
https://diigo.com/011ykiv
https://ekcochat.com/post/945219_healthcare-infrastructure-and-daily-practicalities-the-costa-blanca-benefits-fro.html
https://www.tumblr.com/realestatepro247/808949903533441024/cost-of-living-on-the-costa-blanca-explained?source=share
https://brentonmayo.dropmark.com/2092199/37393500
https://papaly.com/categories/share?id=717f79d75d5647648de863a86f098c85
https://flipboard.com/@evancarney2021/choosing-the-right-area-on-the-costa-blanca-hq704v6py
https://whoosmind.com/post/381792_the-costa-blanca-has-become-one-of-spain-s-most-attractive-regions-for-internati.html
https://webhitlist.com/video/year-round-living-under-the-mediterranean-sun
https://gettr.com/post/p3xfeq1be2e
https://classifieds.ocala-news.com/author/landraft2
https://etuitionking.net/forums/users/menuink6/
https://volleypedia-org.50and3.com/index.php?qa=user&qa_1=cubdress1
https://adsintro.com/index.php?page=user&action=pub_profile&id=801744
https://gratisafhalen.be/author/oboerate3/
https://travelersqa.com/user/subwaysoy9
https://www.divephotoguide.com/user/walletyogurt3
https://bioimagingcore.be/q2a/user/subwaybrian5
https://500px.com/p/powerryvastrup
https://stackoverflow.qastan.be/?qa=user/radarchin2