The Limited Times

Now you can see non-English news...

Photos and special characters to launch phishing attacks

2023-03-27T07:30:16.663Z


Three methods hitherto little exploited by cybercriminals (ANSA) Researchers at computer security company Barracuda Networks have identified three new ways hackers launch their phishing attacks. These are intrusions conveyed via email and chat, which push users to open files or click on malicious links. In particular, the experts analyzed the data from the phishing emails blocked by their systems, to discover three methods hitherto underused by criminals. The f


Researchers at computer security company Barracuda Networks have identified three new ways hackers launch their phishing attacks.

These are intrusions conveyed via email and chat, which push users to open files or click on malicious links.

In particular, the experts analyzed the data from the phishing emails blocked by their systems, to discover three methods hitherto underused by criminals.

The first involves the use of Google Translate via the web to disguise a scam site: the attackers create pages with an incomprehensible language and then provide the link to Google's online translation service.

At that point, the platform returns a link that 'hides' the main one,

adding the Google Translate suffix which is not perceived as malicious by antivirus software.

The second method is based on the increasing use of textless images in email attacks.

These images, which may consist of fake forms such as invoices, include a link or a telephone number which, if clicked, leads to the installation of a malicious code, a virus, without the user noticing.

Because these attacks don't include any text, traditional email security systems struggle to detect them.

Finally, to evade computer security measures, hackers often use special characters, such as code points, punctuation, non-Latin alphabets or spaces, which, when used in a phishing email, are not visible to the recipient.

In this way, it is possible to hide parts of a web address within a disguised text, to make the legitimate link appear, perhaps of a known site, inside which, however, there is actually the address of a fake page , created ad-hoc to deceive surfers.

"Phishing is typically the starting point for many hacking attacks, including ransomware, financial fraud, and credential theft," said Olesia Klevchuk,

product marketing director, Email Protection at Barracuda.

"To defend yourself, you need AI-enhanced protection that can analyze context, subject and sender, and determine whether a seemingly harmless message is actually a well-camouflaged attack."

Source: ansa

All life articles on 2023-03-27

You may like

Life/Entertain 2024-02-29T11:04:26.154Z

Trends 24h

Latest

© Communities 2019 - Privacy

The information on this site is from external sources that are not under our control.
The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them.