Digital fraudsters incorporated a chatbot into their phishing scam for the purpose of helping victims hand over their personal information. In a scam discovered by MalwareHunterTeam and shared with Bleeping Computer, digital attackers targeted Russian users with fake refunds of 159,700 rubles ($2,100) for unused web and phone services. The campaign stood out to Bleeping Computer in that it used a chatbot to help walk users through several screens instructing them to provide their names, addresses, last four digits of their passport numbers and payment details. Once they submitted this data, the chatbot informed victims that their data could not be found. It then told them to enter their information again.
A screenshot of the chatbot asking victims to resubmit their personal information. (Source: Bleeping Computer) Bleeping Computer noted in its research that this step served a valuable purpose:
This acts as a double-verify by the scammers to make sure that the victim is submitting the correct information. Even if you submit different information the second time, the chatbot will come back on and say your record was found.
At that point, the campaign redirected victims to another page instructing them to submit their names, phone numbers and credit card information. The scam concluded by informing victims that they could not complete their Verified By Visa purchase because they had continually entered incorrect details. This attack campaign highlights the ingenuity with which malicious actors will attempt to steal people's names, addresses, payment card details and other personal information. Once in possession of these pieces of information, those actors can then attempt to commit identity fraud and cause even greater harm. Acknowledging those risks, users need to protect themselves against sophisticated phishing attacks. One of the ways they can do this is by familiarizing themselves with some of the most common phishing campaigns that are in circulation today. This resource serves as a great starting point.