How Modern Phishing Emails Disguise Themselves

With the massive quantities of emails sent each day, coupled with the myriad methods that attackers use to blend in, identifying the strange and malicious is more complicated than ever. An obscure Unicode character in a few emails is innocuous enough, but when a pattern of emails containing this obscure character accompanied by other HTML quirks, strange links, and phishing pages or malware is observed, it becomes an emerging attacker trend to investigate. These kinds of trends are closely monitored to gain insight into how best to protect consumers.

We Want To Give You A Free Cyber-Security Risk Assessment That Gives You The Answers You Want And The Certainty You Need

https://www.impresscomputers.com/cyberaudit/

In this post we will shine light on the techniques that are prominently used in many recent email-based attacks. These techniques have been highlighted based on their observed impact to organizations, their difficulty towards detection, and their relevance to active email campaigns. They masquerade using the logos of trusted companies, and evade detection by using web practices that are typically benign;

  • Text padding with invisible characters
  • Brand impersonation with procedurally generated graphics
  • Zero-point obfuscation
  • Victim-specific URI

Attackers have been observed employing these tricks to gain initial access to network. Although these presented examples have bene primarily presented in credential theft attacks, any of these techniques may be easily adapted to deliver malware.

By Spotting these trends in the landscape of threats, we can quickly respond to potentially delicious behavior. The knowledge gained from these investigations we can improve security and allow users to become aware of dangerous malware. Security solutions such as anti-virus software and anti-malware software are helpful in delivering beneficial security and protection against these latest of attacker trends.

 

We Want To Give You A Free Cyber-Security Risk Assessment That Gives You The Answers You Want And The Certainty You Need

https://www.impresscomputers.com/cyberaudit/