'Salvation Army' Email Scam

The 'Salvation Army' email scam aims to obtain private and confidential details from unsuspecting users. The fraudsters disseminate lure emails with fake claims in an attempt to induce their victims into visiting a dedicated phishing website asking for account credentials and other sensitive information. Typically, the data collected through such phishing schemes is later offered for sale to interested third parties that may include cybercriminal groups.

The emails delivered as part of this tactic claim to be coming from the Australian division of the international charitable organization The Salvation Army. They ask users to review the supposed invoice attached to the email. The name of the attached decoy file could be similar to 'payment _0833.html.' Attempting to open it takes users to a fake Office 365 site that is a phishing page in reality. There, users are asked to provide their email, phone, or Skype name, as well as the associated password to access the 'invoice' file. Any information entered into the page will become available to the con artists.

Apart from trying to sell the victims' data, the people behind phishing attacks also could use it to expand their reach and compromise additional user accounts. They can use social medial accounts to spread misinformation or malware threats, while funds stored in banking and financial accounts could be siphoned out, leading to considerable monetary losses.