Monday, April 12, 2021
  • Setup menu at Appearance » Menus and assign menu to Top Bar Navigation
Advertisement
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
No Result
View All Result
Home Internet Security

Microsoft details the most clever phishing techniques it saw in 2019

December 12, 2019
in Internet Security
Microsoft details the most clever phishing techniques it saw in 2019
586
SHARES
3.3k
VIEWS
Share on FacebookShare on Twitter

Image: Microsoft

Earlier this month, Microsoft released a report on this year’s malware and cyber-security trends. Among the few trends highlighted in the report was that phishing was one of the few attack vectors that saw a rise in activity over the past two years.

Microsoft said that phishing attempts grew from under 0.2% in January 2018 to around 0.6% in October 2019, where 0.6% represented the percentage of phishing emails detected out of the total volume of emails the company analyzed.

You might also like

Ransomware: The internet’s biggest security crisis is getting worse. We need a way out

Washington State educational organizations targeted in cryptojacking spree

Critical Zoom vulnerability triggers remote code execution without user input

While phishing attacks increased, the number of ransomware, crypto-mining, and other malware infections went down, the company said at the time.

In a blog post published today, the Redmond-based tech giant reviewed three of the more clever phishing attacks it seen this year.

Hijacking search results

The first is a multi-layered malware operation through which a criminal gang poisoned Google search results. The scheme went as follows:

– Crooks funneled web traffic hijacked from legitimate sites to websites they controlled
– The domains became the top Google search result for very specific terms
– Phishers sent emails to victims linking the Google search result for that specific term
– If the victim clicked the Google link, and then the top result, they’d land on an attacker-controlled website
– This website would then redirect the user to a phishing page

fig1-phishing-poisoned-search-results.png

Image: Microsoft

One might think that altering Google search results takes a gigantic amount of effort, but this was actually pretty easy, as attackers didn’t target high-traffic keywords, but instead focused on gibberish like “hOJoXatrCPy.”

Furthermore, Microsoft said “the campaign was made even stealthier by its use of location-specific search results.”

“When accessed by users in Europe, the phishing URL led to the redirector website c77684gq[.]beget[.]tech, and eventually to the phishing page. Outside Europe, the same URL returned no search results,” the company said.

Abusing 404 error pages

Another clever trick used by phishers this year was first spotted in a phishing campaign Microsoft detected back in August and documented in this Twitter thread.

The 404 Not Found page tells you that you’ve hit a broken or dead link – except when it doesn’t. Phishers are using malicious custom 404 pages to serve phishing sites. A phishing campaign targeting Microsoft uses such technique, giving phishers virtually unlimited phishing URLs.

— Microsoft Security Intelligence (@MsftSecIntel) August 13, 2019

This campaign is deviously clever.

While most phishing emails include a link to the phishing URL they want to lure users on, for this campaign, attackers included links that pointed to non-existent pages.

When Microsoft’s security systems would scan the link, they’d receive a 404 error back (because the link didn’t exist), and Microsoft would deem the link safe.

However, if a real user accessed the URL, the phishing site would detect the user and redirect them to an actual phishing page instead of the server’s standard 404 error page.

fig4-phishing-404-not-found-error-page.png

Image: Microsoft

Microsoft said that when this trick was coupled with techniques like subdomain generation algorithms and changing the main domain at regular intervals, attackers could generate “virtually unlimited phishing URLs.”

MitM-based phishing

A third phishing trick that Microsoft wanted to highlight as a clever phishing attack this year was one that made use of a man-in-the-middle (MitM) server. Microsoft explains:

“One particular phishing campaign in 2019 took impersonation to the next level. Instead of attackers copying elements from the spoofed legitimate website, a man-in-the-middle component captured company-specific information like logos, banners, text, and background images from Microsoft’s rendering site. […] The result was the exact same experience as the legitimate sign-in page, which could significantly reduce suspicion.”

This MitM-based technique isn’t perfect, though, as the phishing site’s URL is still visible in the address bar, just like on any other phishing site.

This means that even if users could be tricked by the perfectly-looking login page, they can avoid disasters by closely inspecting the page’s URL.

fig7-phishing-microsoft-rendering-site.png

Image: Microsoft


Credit: Zdnet

Previous Post

Amazon Redshift turns AQUA | ZDNet

Next Post

How to Get C-Suite Approval for Competitive-Intelligence Initiatives

Related Posts

Ransomware: The internet’s biggest security crisis is getting worse. We need a way out
Internet Security

Ransomware: The internet’s biggest security crisis is getting worse. We need a way out

April 12, 2021
Washington State educational organizations targeted in cryptojacking spree
Internet Security

Washington State educational organizations targeted in cryptojacking spree

April 10, 2021
Critical Zoom vulnerability triggers remote code execution without user input
Internet Security

Critical Zoom vulnerability triggers remote code execution without user input

April 10, 2021
Nation-state cyber attacks targeting businesses are on the rise
Internet Security

Nation-state cyber attacks targeting businesses are on the rise

April 10, 2021
These are the terrible passwords that people are still using. Here’s how to do better
Internet Security

These are the terrible passwords that people are still using. Here’s how to do better

April 9, 2021
Next Post
How to Get C-Suite Approval for Competitive-Intelligence Initiatives

How to Get C-Suite Approval for Competitive-Intelligence Initiatives

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

January 6, 2019
Microsoft, Google Use Artificial Intelligence to Fight Hackers

Microsoft, Google Use Artificial Intelligence to Fight Hackers

January 6, 2019

Categories

  • Artificial Intelligence
  • Big Data
  • Blockchain
  • Crypto News
  • Data Science
  • Digital Marketing
  • Internet Privacy
  • Internet Security
  • Learn to Code
  • Machine Learning
  • Marketing Technology
  • Neural Networks
  • Technology Companies

Don't miss it

Ransomware: The internet’s biggest security crisis is getting worse. We need a way out
Internet Security

Ransomware: The internet’s biggest security crisis is getting worse. We need a way out

April 12, 2021
Data Center Infrastructure Market is Projected to Reach USD 100 Billion by 2027
Data Science

Data Center Infrastructure Market is Projected to Reach USD 100 Billion by 2027

April 12, 2021
Hawaiʻi’s Keck Observatory Aids in Discovery of Rare “Quadruply Imaged Quasars”
Machine Learning

Hawaiʻi’s Keck Observatory Aids in Discovery of Rare “Quadruply Imaged Quasars”

April 12, 2021
Interpretive Analytics in One Picture
Data Science

Interpretive Analytics in One Picture

April 12, 2021
AI and Machine Learning Driven Contract Lifecycle Management for Government Contractors
Machine Learning

AI and Machine Learning Driven Contract Lifecycle Management for Government Contractors

April 12, 2021
Cambridge Quantum Computing Pioneers Quantum Machine Learning Methods for Reasoning
Machine Learning

Cambridge Quantum Computing Pioneers Quantum Machine Learning Methods for Reasoning

April 11, 2021
NikolaNews

NikolaNews.com is an online News Portal which aims to share news about blockchain, AI, Big Data, and Data Privacy and more!

What’s New Here?

  • Ransomware: The internet’s biggest security crisis is getting worse. We need a way out April 12, 2021
  • Data Center Infrastructure Market is Projected to Reach USD 100 Billion by 2027 April 12, 2021
  • Hawaiʻi’s Keck Observatory Aids in Discovery of Rare “Quadruply Imaged Quasars” April 12, 2021
  • Interpretive Analytics in One Picture April 12, 2021

Subscribe to get more!

© 2019 NikolaNews.com - Global Tech Updates

No Result
View All Result
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News

© 2019 NikolaNews.com - Global Tech Updates