A sneaky new phishing attack attempts to manipulate victims into entering their username and password by claiming their account will be deleted if they don't – and it uses a countdown timer to pile on the pressure.
This kind of fear tactic is common in phishing attacks, as cyber criminals know that sending victims into a state of urgency means they're more likely to follow instructions, particularly if they've been told something is wrong with their account.
What sets this attack apart from others is that it appears to borrow a tactic from ransomware gangs – displaying a countdown clock on the phishing site. The timer ticks down from an hour, claiming the user must enter their username and password to 'validate' their account before the countdown clock hits zero, otherwise their account – and even those of others – will be deleted.
This isn't a real warning and even if the countdown timer reaches zero, nothing will be deleted – but the tactic is designed to make the victim panic and follow the instructions. It's similar to a technique used by ransomware groups.
If the user targeted by the phishing email enters their login credentials, the phishing site either claims they've used the wrong password or says the login details are accepted, before redirecting them back to their company home page. In either case, the result is the same – the attacker steals the username and password.
Phishing attacks are one of the most common methods cyber criminals use to steal usernames and passwords. Using multi-factor authentication (MFA) can help protect accounts, because even if the attacker knows the correct login credentials, the need for extra verification prevents them from being able to access the account, as well as providing a warning that something could be wrong.