Microsoft warns of elaborate new cybercrime scheme to steal your login details phishing
Cybersecurity researchers at Microsoft have shared details of a comprehensive credential phishing campaign that uses open redirector links to lure users into clicking.
Legitimate sales and marketing campaigns often rely on open redirects to track click rates and lead customers to a particular landing page.
“However, attackers could abuse open redirects to link to a URL in a trusted domain and embed the eventual final malicious URL as a parameter. Such abuse may prevent users and security solutions from quickly recognizing possible malicious intent,” warn the researchers.
While the abuse of open redirects isn’t a novel approach, the attackers in the current campaign combine these links with social engineering tricks by impersonating popular tools and services to trick users to click the fake links.
Hook, line, and sinker
Unraveling the details of the campaign, the researchers say that the links lead to not one, but several redirects, and even throw a Captcha verification page, in a bid to fool users into thinking that the page is above-board.
Once the users answer the Captcha, the attackers take them to the fake sign-in page of a legitimate service.
The researchers suggest that phishing attacks make use of open redirects because a casual inspection of the URL from inside an email client will display a trustworthy domain name, encouraging users to click the link.
“Likewise, traditional email gateway solutions may inadvertently allow emails from this campaign to pass through because their settings have been trained to recognize the primary URL without necessarily checking the malicious parameters hiding in plain sight,” reason the researchers.
Another aspect of the campaign that shows the commitment of the threat actors behind it, is that it relies on a huge number of domains, at least 350 unique ones, which is another attempt at evading detection.
Cybersecurity researchers at Microsoft have shared details of a comprehensive credential phishing campaign that uses open redirector links to lure users into clicking. Legitimate sales and marketing campaigns often rely on open redirects to track click rates and lead customers to a particular landing page. “However, attackers could abuse open…
Recent Posts
- Microsoft is mulling a change for widgets in Windows 11 that could prove controversial
- What to look for in your first turntable in 2024
- ICYMI: the 8 biggest tech news stories from Boston Dynamic’s new robot to Sony’s OLED-beating Micro-LED TV tech
- Obscure $10 billion chip firm you never heard of finally delivers crucial tech for AI future — Astera Labs showcased its Aries 6 PCIe retimer board as it targets future Nvidia HGX boards
- Controversial US surveillance program (briefly?) lapses amid congressional dysfunction
Archives
- April 2024
- March 2024
- February 2024
- January 2024
- December 2023
- November 2023
- October 2023
- September 2023
- August 2023
- July 2023
- June 2023
- May 2023
- April 2023
- March 2023
- February 2023
- January 2023
- December 2022
- November 2022
- October 2022
- September 2022
- August 2022
- July 2022
- June 2022
- May 2022
- April 2022
- March 2022
- February 2022
- January 2022
- December 2021
- November 2021
- October 2021
- September 2021
- August 2021
- July 2021
- June 2021
- May 2021
- April 2021
- March 2021
- February 2021
- January 2021
- December 2020
- November 2020
- October 2020
- September 2020
- August 2020
- July 2020
- June 2020
- May 2020
- April 2020
- March 2020
- February 2020
- January 2020
- December 2019
- November 2019
- December 2011