So far it was clear: an email with a strange link - hands off! But now the phishing gangsters have come up with a new trick to deceive users without any links. But even these fraud attacks can be identified and neutralized in time with a little attention.
It is the eternal "game" between security specialists and cyber crooks: who is faster, more creative and has the longer breath. True to this motto, the internet villains have come up with something new again: phishing emails without a link.
Most phishing emails have three main components
- An email with a link that the user should click.
- A fake website on which the user is supposed to log in.
- Another or the same website that transmits the login data to the gangsters
SophosLabs have now analyzed two unusual phishing attacks that take a different route. With these, the request to log in is not via a link, but via an HTML attachment. With this "bring your own website" trick, the cyber crooks are pursuing two intentions:
- There is no link in the phishing email to check for fake or suspicious domain names in advance.
- The URL in the address bar is a harmless looking local file name with no website name or HTTPS certificate. Here, too, an examination for signs of fraud is difficult for the user.
Mindfulness of the user should be undermined
With this approach, the mail senders try to undermine the attentiveness of the users. The most important goal is to convince the user of the supposed harmlessness of the attachment and thus to overcome one of the most difficult hurdles in their hunt for login data, which in this case should be extracted via the attached website. If this does not happen, users should prevent such phishing attacks with the following tips:
- Ignore HTM or HTML attachments if possible
- Use of two-factor authentication
- Use effective web filtering
And of course, if a phishing attack is suspected, the IT security department should be informed immediately and the password of the relevant service changed.
More on this at Sophos.com
About Sophos More than 100 million users in 150 countries trust Sophos. We offer the best protection against complex IT threats and data loss. Our comprehensive security solutions are easy to deploy, use and manage. They offer the lowest total cost of ownership in the industry. Sophos offers award-winning encryption solutions, security solutions for endpoints, networks, mobile devices, email and the web. In addition, there is support from SophosLabs, our worldwide network of our own analysis centers. The Sophos headquarters are in Boston, USA and Oxford, UK.