Glasgow City Warns of Parking Fine Scam as Cyber Security Incident Continues
Glasgow City Council has issued an urgent warning to residents about a sophisticated parking fine scam that has emerged amid ongoing cybersecurity concerns affecting the city’s digital infrastructure.
The fraudulent scheme targets motorists through text messages and emails claiming they owe parking fines, with criminals leveraging the current security incident to add credibility to their deceptive communications.
The malware campaign operates through a multi-vector approach, primarily utilizing SMS phishing (smishing) and email-based attacks that direct victims to convincing replica websites.
.png
"Glasgow City Warns of Parking Fine Scam as Cyber Security Incident Continues 2")
These malicious sites are designed to harvest personal information and payment details from unsuspecting drivers who believe they are settling legitimate parking violations through URLs resembling official council domains.
The attack methodology involves sending automated messages containing urgent payment requests, typically accompanied by threats of escalated fines or legal action if immediate payment is not made.
BBC analysts identified that the scammers have incorporated references to Glasgow’s current cyber security challenges, making their fraudulent messages appear more authentic and urgent to potential victims.
The malware exhibits sophisticated social engineering tactics, with messages crafted to create time pressure and fear of consequences.
The fraudulent websites employ SSL certificates and professional design elements that closely mimic legitimate council payment portals, making detection challenging for average users.
Infection Mechanism and Payment Exploitation
The scam’s primary infection vector relies on credential harvesting rather than traditional malware installation.
When victims access the fraudulent payment portals, JavaScript code executes to capture form data:-
document.getElementById('payment-form').addEventListener('submit', function(e) {
captureData(this);
});The harvested banking details and personal information are transmitted to criminal servers for unauthorized transactions or dark web sales.
Glasgow City Council emphasizes that genuine parking fine communications are exclusively sent through official postal mail, never via text message or email.
Investigate live malware behavior, trace every step of an attack, and make faster, smarter security decisions -> Try ANY.RUN now
Source link
