Cyber Attack on Bayyinah TV

Phishing Email Analysis
Rectification
Reactions
Hack Analysis
Recommendations
Audio / Podcast in English

Bayyinah TV was hacked recently, which caused the subscribers to experience a phishing attack.

Phishing Email Analysis

Date: 26th September 2022
Sender Email Address: Bayyinah – [email protected] – This is the official email address of Bayyinah TV.
Subject: Bayyinah TV
Email Body:
- The email used the same email template as the official Bayyinah TV emails.
- The email mentioned the correct full names of the recipients in the email body.
- The email contained a short URL, which led to a malicious URL.
The phishing email was well constructed with no spelling or grammatical mistakes. It was very difficult for the common recipient to suspect it as a phishing email.

Rectification

On 29th September 2022, The Bayyinah TV Team sent an email to its subscribers, informing them that Bayyinah’s email was hacked and they have now secured their systems. No further details were provided. Nothing about this attack was posted on their social profiles. The Short URL has been blocked.

Notification about the Phishing Attack from Bayyinah TV

The Short URL in the Phishing Email has been Blocked

Reactions

Subscribers have reported receiving the phishing email and some clicked on the link.

Hack Analysis

It looks like the hacker got access to Bayyinah’s email marketing service. It is possible that he made a copy of the full names and email addresses of all Bayyinah subscribers during this hack. If more information about the subscribers was stored in the Bayyinah’s email marketing service then that could have been copied as well. If this is the case then Bayyinah should declare it and inform the subscribers to stay vigilant for phishing attempts in the future.

Recommendations

If you clicked on the short URL then scan your system with a well reputed antivirus for any possible presence of a malware.
If you downloaded anything from that URL then remove it from your devices.
Stay vigilant for any further phishing emails. If the hacker was able to copy your information from Bayyinah’s email marketing service then it could be available on the dark web by now and could be used by the same or other hackers in the future to target you.

Audio / Podcast in English

About the Speaker(s)/Author(s):
Nauman Khan is a software engineer from Multan, Pakistan. He is the founder of The Clear Evidence initiative, urShadow’s Blog, which is ranked among the top 30 blogs for Saudi Arabia and one of the largest Facebook groups in Saudi Arabia.
He completed his schooling from Multan and then completed his engineering from Islamabad, Pakistan. Since then he has been working in the technology domain for the leading corporations in the telecommunication industry in the Middle East region.
He developed his first website in 2000 with a section on Islam. In 2008, he launched urShadow’s Blog with Come to Islam section, which has over 1,400 posts. In 2019, he launched The Clear Evidence initiative.
For more details:
Nauman Khan – LinkedIn

1share

Comments

Nauman Khan says

October 1, 2022 at 10:04 am

Omer Munir commented on WhatsApp: “Ooooops”

Nauman Khan says

October 1, 2022 at 8:01 pm

Namra Islam commented on WhatsApp: “😐”

Nauman Khan says

October 1, 2022 at 8:03 pm

Osama Anwer Qazi commented on WhatsApp: “Assalam alikum Nauman bhai, Hope you are fine. Did you try to contact them? Can we provide our services to them?”

- Nauman Khan says
  
  October 1, 2022 at 8:03 pm
  
  Waliqumaslam, I didn’t contact them as they solved the issue the same day. There is no harm in contacting them if they are looking for any services.
  
  - Nauman Khan says
    
    October 1, 2022 at 8:04 pm
    
    Osama Anwer Qazi commented on WhatsApp: “👍”