The sites are targeting job-seekers, movie aficionados and shoppers in hopes of harvesting their personal information.
An ongoing domain name spoofing campaign is taking aim at retail giant Walmart and other big fish, with more than 540 malicious domains being used to harvest consumer information.
The scam domains are mimicking legitimate sites in name and appearance, in hopes of fooling visitors into entering their personal details, according to
analysis from DomainTools. Aside from Walmart, other big-name lures are affiliated with the phishing campaign, spoofing Fortune 500 companies like McDonald’s, online dating sites and movie downloads. An unknown threat actor is behind it all, the firm said, displaying an obvious level of sophistication given the sheer scale of the effort.
One domain in particular kicked off the firm’s investigation and proved to be the tip of the iceberg: www.walmartcareers[dot]us. Purporting to be an employment application site for Walmart, with the look and feel of a legitimate site for the retailer, it gathers personal information from would-be job-seekers. The researchers soon uncovered other Walmart-themed sites that offer gift cards or other services, and the investigation widened from there.
“These sites are so convincing, job applicants are going through entire (fake) application process, even showing up to in-person interviews, only to find out that they have turned over their personal credentials to threat actors,” a DomainTools spokesperson said via email.
threatpost.com
