A phishing attack masked behind a date in the domain – Are we even safe anymore?

Recently, Terence Eden, a UK-based technologist blogged on a domain that was similar to an authentic domain, but came with a date in it – it was a phishing attack!

Can you spot a difference between ‘ee.co.uk’ and ‘ee.co.uk.billing-update-jan02[.]info.’? Probably not that much. If I were you, I would have thought that the later link belonged to the same domain. So, if you had an account on ‘ee.co.uk’ you might have fallen into the trap of this scammer.

As much as we love the internet, it is actually becoming a hub of phishing attacks with scammers trying to get their hands on our personal data. This phishing attack is not an exception. Although new of its kind, this attack is targeted on the users to steal their data.

Eden caught the scam when one of his family member received a message from the scammer. The message was sent from a local mobile carrier EE. Luckily, none of the Eden's family members have an account on the EE, which is why they were safe, but what if someone accidentally fall for this scam?

On clicking the link, a domain similar to EE will open up that will ask you for your email and password. You might not be able to question the authenticity of the domain if you are in haste and checked in the message.

It also has an SSL certificate from Let’s Encrypt, which can make users think that it is a legit and secure website. Not to mention the date in the link that is the same as the date when the text is sent to the user.


Beware! SMS phishing attack masked behind a date in the domain

No matter where technology is going, we still do not have good technical gatekeepers to keep us safe. So, it is necessary that we rely on our own expertise.

Browsers have already flagged this fake domain and the users will be warned from visiting it. However, similar websites are still up that can steal your personal information. Internet certificate authorities are also responsible for not having a proper check on their SSL services.

Read next: Hackers are Utilizing Facebook's "Notes" Tools in their Latest Phishing Campaign to Target Page Admins!

Featured photo: ihamoostudio / Freepik

No comments:

Post a Comment