Ahead of International Women’s Day, Kaspersky experts have conducted research and found dozens of malware-infected websites and phishing pages, mainly targeting women – including community sites, forums with advice articles, online stores selling clothes or cosmetics for females, and more.
These example pages were originally legitimate resources, later hacked by cybercriminals to spread malware. Among the threats spread on the detected websites Kaspersky experts found web skimmers – usually embedded in the code of online shops to steal user payment data, leading to the potential financial loss of a victim.
Moreover, in the code of the pages the researchers also detected Balada injector, a malware that automatically redirects the user to bogus captcha pages, forcing user to allow notifications from the website. If a victim agrees, their browser will constantly pop-up a huge number of intrusive notifications on third-party pages, imposing scam content.
SocGholish malware was also detected among web threats on women’s community sites. This threat persuades users to download and run a malicious script under the guise of browser updates. At different times, SocGholish infection was used to spread malicious remote admin tools, allowing an attacker to gain full access to the device without the user’s knowledge, data stealers or botnets, making the victim’s device to carry out cyberattacks itselfAdditionally, Kaspersky researchers detected several phishing pages masquerading as books about breastfeeding, pregnancy, and nutrition for fertility. To continue reading, victims had to enter their personal and bank card details. Once entered, this information was automatically transmitted to the attackers, while access to the book was never granted.
“The targets of cybercriminals know no bounds, and anyone can fall victim to their schemes. Websites, irrespective of their audience, are vulnerable to mass attacks and what’s particularly concerning is that even reputable platforms can be infiltrated and compromised. As we celebrate International Women’s Day, we need to recognize the importance of safeguarding our online presence. It’s essential for women, who often face heightened risks online, to exercise caution when installing software or sharing personal information. It’s a reminder to prioritize our digital safety and empower each other by using reliable cybersecurity measures,” comments Victoria Vlasova, Malware Analyst Team Lead at Kaspersky.
Ahead of International Women’s Day, in our special project “Letters to the Past”, female Kaspersky employees highlight the importance of women supporting women and share what advice they would give to their past selves – girls who may still be afraid of the IT world, but later, have become superheroes protecting the world from cyberthreats. Find their inspiring stories on the Women in Tech website, proving nothing can hold you back.
To avoid falling a victim of cybercriminals, Kaspersky experts recommend:
Be mindful of sharing personal information: Be careful when providing personal information online, especially sensitive details like your address, phone number, or financial information. Only share this type of information on trusted and secure platforms.
Trust reliable sources: Rely on official websites, authorized retailers, and reputable sources. Avoid unofficial or suspicious sources that may try to exploit your enthusiasm.
Use security solutions: Use a reliable security solution, such as Kaspersky Premium, that identifies malicious attachments and blocks phishing sites.