Intricate Phishing Scam Uses Support Chatbot to ‘Assist’ Victims
A recent phishing scam is targeting consumers by utilizing a malicious customer service chatbot function that steals victims’ information by prompting them to fill out various forms including credit card numbers and bank account information. The campaign was discovered by MalwareHunterTeam and is targeting Russian citizens. The threat actors are pretending to be a refund for unused Internet and cellular services of $2,100.
The chatbot function makes the scam more intriguing, as the bot pretends to be a customer service agent walking the victim through a series of screens and asking them for their information. The fake support rep tells the victim that their information cannot be found in the system, then asking them to fill out bank and payment details.