Cybercriminals are continuously changing their ways for attacks through a new phishing scam which is capable of bypassing old-style URL defense

Cybercriminals are continuously trying new ways to trick you so that they cannot get detected by security researchers. Many people are unfortunately becoming the victims of such criminals, now through a new phishing scam, which is basically a fraudulent game of deception by which the attacker gets your sensitive information such as username, passwords, credit card information, etc by sending you unknown links from different sources. Many people unintentionally click such links and give their personal information by thinking that these are trusted links and consequently lose their data. These criminals sometimes after taking your personal information give you threats and sometimes, they blackmail different people they fell prey.

These types of attacks are pretended to be a trusted entity and trick the users to open an email or instant message, the user is induced into downloading an attachment, clicking a link by providing sensitive information. Recently, these scammers have found a new phishing campaign that can bypass the old URL security. Now these attackers are trying to change the letters of famous websites’ URLs which many people use on a daily basis, by changing their URL slightly, people wrongly go to the fake pages, that is how these attackers grab their prey. These attackers change the symbol that is used at the start before the URL. Many people do not concentrate on the URL of popular websites and these popular websites have large traffic on their platform, so there is more chance for the scammer to trick more people.

These criminals slightly change the URL in a new phishing campaign such as in place of HTTP://, they use HTTP:/\ at the start of the URL, there is more chance that many people will not concentrate and will think that it is an original URL.

People should use different security methods such as antivirus software or ransomware protection to minimize the risk of a phishing scam. According to the report of the Great Horn a Threat Intelligent Agency, this malformed attack of URL was first reported at the end of last year, and then these attacks were increased. Now in the first two months of this year, these attacks have increased up to 6,000 percent which is an alarming situation for us. Because none of us want to lose our sensitive data.

The main aim of phishing scams is to target pharmaceutical, lending, and construction companies more than any other user. An organization using Office 365 are getting more attacks than those using Google Workspace, as one attack was identified by Great Horn, in which a user was tricked through a phishing email, by which he landed on a fake page who was using Office 365 login page. Some people may unintentionally give their email and important information to these attackers which are found in their cloud storage.

Organizations should train their employees on how to deal with such suspected emails if they receive and should immediately remove such emails containing URLs that match the threat pattern and remove them.

Creator: Yuichiro Chino / Credit: Getty Images

Read next: Android 12 to get a great security and privacy feature but this time for microphone and camera, the user will get the liability to either mute these components or allow them to run

No comments:

Post a Comment