The Latest Evolution in Phishing Attacks

Posted by Trevagh Stankard on Thu, Nov 25th, 2021

As users continue to educate themselves in the ways phishing attacks work, bad actors change their methods to bypass user defenses and the cybersecurity infrastructure in place. One attack strategy remains the same, however – threat actors use common and popular domain names to trick users into trusting websites and email messages. In the latest phishing campaign, threat actors target users with popular brands offering money or gifts in exchange for their information. Take a look at latest phishing techniques.

 

The Question Quiz Phishing Campaign

The latest method for attackers is using a quiz style website that offers gifts or money in exchange for information. Using common brands, attackers have a good chance of tricking several individuals into providing private data. For example, the website might offer gifts in exchange for authenticating into their banking account to collect the gift. The authentication credentials are sent to the attacker, who can then use them to access the user’s financial accounts.

Another aspect of the new evolution of phishing is the use of a content delivery network (CDN). Many large organizations use CDNs to speed up delivery of content to a global audience. The CDN has data centers and edge servers across the globe that deliver cached data to users within the server geolocation. This infrastructure is common for enterprise websites, but it’s not standard in phishing websites.

The use of a CDN in quiz-related phishing sites speeds up delivery of applications and data transfer, which makes the site look more legitimate to standard users. Traditionally, threat actors build phishing sites using free or low-cost servers. If the site is built on a free platform, the host does not offer fast delivery and could show advertising on the site. These flags give away hints to users that the site is not legitimate.

With a CDN, the user would not see any speed issues or advertising on free servers, so it provides a better phishing host. The layout and design of the phishing site include social media images and links and use domain names similar to official businesses familiar to readers. Attackers start off the phishing campaign with an email message or text message. A CDN shields the origin IP from the open public, so it makes it more difficult for researchers and security experts to alert the host provider of a scam site.

 

Protecting Yourself and Your Organization from These New Phishing Methods

If it’s too good to be true, it’s probably a scam. This cliché rings true in this phishing attack. Any website that promises to give money or objects to a specific numbered viewer is always a scam, even if the site claims to be an official business. The phishing site might let you select a gift, but eventually, it will ask for sensitive information. Sensitive information could be financial data or credentials for a bank account.

For many of these sites, the promise is to send a gift in exchange for a small shipping fee. You’re asked to enter your credit card number to pay for the give, which gives the attacker your financial data. Unless you order products from an official business website, never enter your credit card into an unfamiliar site offering “free” gifts.

Read Blog: Top Tips for MSPs: Protecting Customers from Phishing and Ransomware

 

Cybersecurity Tools

Organizations can use cybersecurity tools to stop most phishing attacks. Spam filters block spoofed sender addresses, and more sophisticated cybersecurity tools will analyze content and block it form reaching the recipient’s inbox. If the email message never reaches the intended recipient, it greatly reduces the risk of credential and enterprise data theft. Messages are quarantined, which gives administrators a way to ensure that important messages aren’t flagged as false positives.

 

Cybersecurity Training

Educating users is also helpful. Users should know that these sites promising gifts for simply browsing a website should never be trusted, especially if the initial contact comes from an email address. Whenever the user receives an email promising to send gifts, always type the domain name for the official site into their browser. Any site that asks for financial data should be researched. Don’t simply enter a credit card into a site without knowing if it’s a legitimate business, because it could be a phishing scam.

Although education is useful, it should not be the only cybersecurity defense against phishing. Organizations must use a combination of email and content filters with education to improve protection against a phishing campaign. Users should be encouraged to report any suspicious email messages and suspected phishing so that administrators can further investigate the issue. If email messages never reaches the user’s inbox, it’s the best defense from sophisticated attacks.

TitanHQ provides sophisticated multi-layered security to protect organizations from phishing attacks. TitanHQ was recently awarded 4 Expert Insights awards, recognizing the strength of our advanced email and web security solutions. Start 14-day free trial of our layered security solutions.