Like many other security issues that now affect computer users, there is a growing threat known as phishing". Phishing attacks are perpetrated by criminals who send deceptive emails in order to lure someone into visiting a fraudulent web site or downloading malicious software, expressly for stealing sensitive information such as credit card numbers, account information, passwords, etc.
Cyber criminals continue to evolve and refine their attack tactics to evade detection and use techniques that work. Spear phishing emails are on the rise because they work. We have notice many times that Spear Phishing Attacks are really Successful in order to compromise Enterprise Networks and Stealing Data.
From last one month I was getting mails from an unknown spoofed email id regrading a paypal warning with subject "Your account has been limited until we hear from you !" Guess what, even I am not using that email for my Paypal account, from here I just judge that it's a regular spam mail and ignore that most of the time week before.
Today I again receive a similar mail, and this time I was amazed to notice a tricky URL given in mail to click, as shown in the screenshot. Cyber criminals start making some very smart spoofed URL in sub domain, that can trick most of the victims ( even me for a second ).
Phishing is not just a small-time operation. Phishing is a business, and billions of dollars are being made by criminals while consumers and businesses are left to suffer the consequences. There are gangs of phishers organized all over the world. I was estimating that, if phishers are flooding out 50000 email viewers a day, this trick will surely work on atleast 1 % users = 500 victims, i.e if each have minimum 100 USD in each account, then per day income of an phishing criminal is, $500 x 100 = $50,000 / Day - COOL ?
Anyway, I am not counting benefits of being an online criminal :P , coming back to point -- A smart trick to abuse URLs .
From last one month I was getting mails from an unknown spoofed email id regrading a paypal warning with subject "Your account has been limited until we hear from you !" Guess what, even I am not using that email for my Paypal account, from here I just judge that it's a regular spam mail and ignore that most of the time week before.
Today I again receive a similar mail, and this time I was amazed to notice a tricky URL given in mail to click, as shown in the screenshot. Cyber criminals start making some very smart spoofed URL in sub domain, that can trick most of the victims ( even me for a second ).
Phishing is not just a small-time operation. Phishing is a business, and billions of dollars are being made by criminals while consumers and businesses are left to suffer the consequences. There are gangs of phishers organized all over the world. I was estimating that, if phishers are flooding out 50000 email viewers a day, this trick will surely work on atleast 1 % users = 500 victims, i.e if each have minimum 100 USD in each account, then per day income of an phishing criminal is, $500 x 100 = $50,000 / Day - COOL ?
Anyway, I am not counting benefits of being an online criminal :P , coming back to point -- A smart trick to abuse URLs .
Tips :
1.) Notice each URL carefully before clicking
2.) Avoid clicking on links or opening attachments in emails from an unknown sender in an attempt to avert phishing
Most of the time, people ask - Which is the best security product or Antivirus that can protect them from such malwares, scams or attacks ? Yes, we call it - Common Sense (Sorry not available in stores). Be regular on The Hacker News or subscribe to Daily Newsletter, for updated security news and have daily dose on security !