The number of phishing attacks is still increasing and cybercriminals are using some simple techniques to ensure that their malicious emails bypass security protections and bayonets for downloading malware. their credentials.
Researchers at computer security firm IronScales examined more than 25.000 malicious emails that bypassed the security of inbox over a period of three months and found that instead of using advanced techniques, many of them attacks just mix users into fake websites.
Often, these sites are large companies such as Microsoft, PayPal, banks and retailers and encourage users to enter personal credentials. If the user provides this information, they fall into the hands of their criminals cyberspace who can use it any way they want, either to commit fraud or theft, or to sell credentials to others in dark forums.
In almost half the cases, the images were blurry - a sign that the images were copied from the actual website and placed on a fake one. In one quarter of the cases, the picture had changed and appeared stretched or elongated. In both cases, it's usually a sign that something is wrong.
Meanwhile, in about 15 percent of cases, phishing websites are designed to look different from the real version. In many cases, these fake pages have been redesigned themselves.
In about one in ten cases, the phishing page seems almost legitimate, but the attackers have chosen outdated images or messages on their fake site. This can happen if a company has changed the logo or the brand and the attackers have not paid attention to the websites they are trying to emulate.
In five percent of cases, the online phishing site will look and sound a lot like the company trying to imitate the attackers, but it has an unusual sense of urgency for visitor, whether it's a threat that something is wrong or telling them that they need to enter their details immediately in order to access account their.
Researchers say that in many cases, users do not notice these signs and fall victim to phishing sites: they do not see an unexpected change, even when hidden.
However, if users take a few seconds to look at suspicious emails and websites, clear clues can quickly emerge. messages or the website that is fake.
“Look for common errors, sometimes emails seem legitimate, but these could work out that they are not. Stay above the links and see where they really go - for example, go to their actual address Apple? ”Says Eyal Benishti, CEO of Ironscales.
And if users really think they should enter them credentials they are advised to go straight to the website that the email claims to be linking to, in order to avoid the possibility of clicking on a malicious site and submitting their information.
"If you receive an email claiming to come from a website, don't follow the link but go to the actual site by typing in the main URL instead of following the link," he said.
And if this happens in the corporate environment, the best thing to do is to let the IT team know about anything suspicious or unexpected.