IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Phishing campaign uses math symbol to imitate Verizon logo

Fake logo fools victims into thinking they are dealing with the real company

Security researchers have discovered a new phishing campaign that uses a math symbol in the Verizon logo to fool victims.

Researchers found the campaign impersonating Verizon in dozens of fake emails sent from various Gmail addresses in the first half of September. Instead of using a V symbol at the end of the logo, phishers used either a square root symbol, a logical NOR operator, or the check mark symbol. 

All three types masqueraded as voicemail notifications. Verizon does provide voicemail services, including notifications, according to researchers at Inky.

Researchers said even though corporations have huge marketing budgets to spend on logo design, people are terrible at remembering them. This works for criminals who can deceive their victims with made-up logos that look about right. 

Researchers said that while the graphics were off, they did the job. Another thing that helped phishers was that Verizon had changed its logo a couple of times since Bell Atlantic Corporation was renamed Verizon in 2000.

Regardless of the symbol used, each email had a malicious link to a credential-harvesting site that targeted Microsoft Office 365 users. All three types masqueraded as voicemail notifications. Verizon does provide voicemail services, including notifications.

“Clicking on the button (black or red, depending on the version) prominently displaying the text “Play >” (made up of the word plus a close-angle-bracket character) led to a site that appeared to be Verizon's, but was in fact a malicious impersonation,” said researchers.

They added that phishers could easily steal separate HTML and CSS elements from Verizon’s real site to put together a custom job that included a correct version of the logo.

Researchers said the criminals had created and registered the fake site via Namecheap barely a month ago, according to a WHOIS lookup. Namecheap has since taken the site down, and it now has an “NXDOMAIN” status, meaning it no longer exists, they added.

At the bottom of the fake page it invited targets to “play, listen, or download” their voicemail with Office365 credentials. Using the red “Authenticate with Office365” button led to a fake Microsoft log in dialog box.

Related Resource

How to reduce the risk of phishing and ransomware

Top security concerns and tips for mitigation

Large letter 'O' against a background of a city - whitepaper from MimecastFree download

When researchers attempted to log in to the fake site, they received a response saying the password was incorrect. The second attempt elicited a bogus error message. However, the site harvested credentials on the back end both times.

“This pattern, the double ask, is fairly common. It’s not entirely clear what the phishers are up to, but it's possible that they want the victim to confirm the correctness of the data, or that they hope the victim will try a different account, yielding them two sets of credentials for the price of one,” researchers warned.

Researchers advised users to be suspicious of voicemail notifications coming from Gmail or other free email providers such as Yahoo, AOL, or Hotmail. “They should also distrust emails that claim to be from Verizon but come from a Gmail sender,” they added.

Featured Resources

Three ways manual coding is killing your business productivity

...and how you can fix it

Free Download

Goodbye broadcasts, hello conversations

Drive conversations across the funnel with the WhatsApp Business Platform

Free Download

Winning with multi-cloud

How to drive a competitive advantage and overcome data integration challenges

Free Download

Talking to a business should feel like messaging a friend

Managing customer conversations at scale with the WhatsApp Business Platform

Free Download

Recommended

Facilitating Fintech
Whitepaper

Facilitating Fintech

5 Oct 2022
Best security systems for business
cyber security

Best security systems for business

4 Oct 2022
Frontpoint review
cyber security

Frontpoint review

4 Oct 2022
Vivint review
cyber security

Vivint review

4 Oct 2022

Most Popular

Vodafone UK confirms talks to merge with Three are underway
mergers and acquisitions

Vodafone UK confirms talks to merge with Three are underway

3 Oct 2022
BT's new platform promises to slash AI development time from months to days
artificial intelligence (AI)

BT's new platform promises to slash AI development time from months to days

3 Oct 2022
How to secure your hybrid workforce
Advertisement Feature

How to secure your hybrid workforce

23 Sep 2022