IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Phishing campaign uses math symbol to imitate Verizon logo

Fake logo fools victims into thinking they are dealing with the real company

Security researchers have discovered a new phishing campaign that uses a math symbol in the Verizon logo to fool victims.

Researchers found the campaign impersonating Verizon in dozens of fake emails sent from various Gmail addresses in the first half of September. Instead of using a V symbol at the end of the logo, phishers used either a square root symbol, a logical NOR operator, or the check mark symbol. 

All three types masqueraded as voicemail notifications. Verizon does provide voicemail services, including notifications, according to researchers at Inky.

Researchers said even though corporations have huge marketing budgets to spend on logo design, people are terrible at remembering them. This works for criminals who can deceive their victims with made-up logos that look about right. 

Researchers said that while the graphics were off, they did the job. Another thing that helped phishers was that Verizon had changed its logo a couple of times since Bell Atlantic Corporation was renamed Verizon in 2000.

Regardless of the symbol used, each email had a malicious link to a credential-harvesting site that targeted Microsoft Office 365 users. All three types masqueraded as voicemail notifications. Verizon does provide voicemail services, including notifications.

“Clicking on the button (black or red, depending on the version) prominently displaying the text “Play >” (made up of the word plus a close-angle-bracket character) led to a site that appeared to be Verizon's, but was in fact a malicious impersonation,” said researchers.

They added that phishers could easily steal separate HTML and CSS elements from Verizon’s real site to put together a custom job that included a correct version of the logo.

Researchers said the criminals had created and registered the fake site via Namecheap barely a month ago, according to a WHOIS lookup. Namecheap has since taken the site down, and it now has an “NXDOMAIN” status, meaning it no longer exists, they added.

At the bottom of the fake page it invited targets to “play, listen, or download” their voicemail with Office365 credentials. Using the red “Authenticate with Office365” button led to a fake Microsoft log in dialog box.

Related Resource

How to reduce the risk of phishing and ransomware

Top security concerns and tips for mitigation

Large letter 'O' against a background of a city - whitepaper from MimecastFree download

When researchers attempted to log in to the fake site, they received a response saying the password was incorrect. The second attempt elicited a bogus error message. However, the site harvested credentials on the back end both times.

“This pattern, the double ask, is fairly common. It’s not entirely clear what the phishers are up to, but it's possible that they want the victim to confirm the correctness of the data, or that they hope the victim will try a different account, yielding them two sets of credentials for the price of one,” researchers warned.

Researchers advised users to be suspicious of voicemail notifications coming from Gmail or other free email providers such as Yahoo, AOL, or Hotmail. “They should also distrust emails that claim to be from Verizon but come from a Gmail sender,” they added.

Featured Resources

Activation playbook: Deliver data that powers impactful, game-changing campaigns

Bringing together data and technology to drive better business outcomes

Free Download

In unpredictable times, a data strategy is key

Data processes are crucial to guide decisions and drive business growth

Free Download

Achieving resiliency with Everything-as-a-Service (XAAS)

Transforming the enterprise IT landscape

Free Download

What is contextual analytics?

Creating more customer value in HR software applications

Free Download

Recommended

Mastering endpoint security implementation
Security

Mastering endpoint security implementation

18 May 2022
The Total Economic Impact™ of Apple Mac in Enterprise: M1 update
Whitepaper

The Total Economic Impact™ of Apple Mac in Enterprise: M1 update

12 May 2022
Dell Technologies World 2022: Dell unveils fastest storage architecture in company history
Server & storage

Dell Technologies World 2022: Dell unveils fastest storage architecture in company history

4 May 2022
Dell Technologies World 2022: Dell unveils security offerings for major cloud providers
public cloud

Dell Technologies World 2022: Dell unveils security offerings for major cloud providers

3 May 2022

Most Popular

Europe's first autonomous petrol station opens in Lisbon
automation

Europe's first autonomous petrol station opens in Lisbon

23 May 2022
Nvidia pauses hiring to help cope with inflation
Careers & training

Nvidia pauses hiring to help cope with inflation

23 May 2022
Open source packages with millions of installs hacked to harvest AWS credentials
hacking

Open source packages with millions of installs hacked to harvest AWS credentials

24 May 2022