IZOOlogic - Phishing Protection

Wednesday, September 4, 2019

Dubai’s Biggest Bank Falls Victim to Tax Refund Phishing Scam


Dubai’s largest bank has warned customers to beware of a new phishing email scam that claims to offer VAT refunds.
Emirates NBD warned that an email with the subject line “VAT Refund Notification”, claiming to be from the bank, should not be opened.

“We urge you to be extremely vigilant and always verify the source before clicking on any links or attachments in emails,” the bank said on its website.

It added that Emirates NBD would never ask for personal details, such as account numbers, online and mobile banking credentials, or debit or credit card details.

The warning was welcomed by Jeff Ogden, general manager – Middle East at Mimecast, who said: “VAT refund scams are simple in nature but are a good indication of the frequency, variety and regional specificity of email impersonation attacks.

“Although these initial attacks don’t appear to carry malware, stolen credentials or personal data can be used for follow-up attacks on all kinds of organisations. Consumer and employee awareness is key to helping stop these cyber attacks, and it’s great to see Emirates NBD on the educational front foot with prompt warnings and videos on social media.”

Phishing attacks, in which criminals try to lure sensitive information such as banking passwords out of customers with an email claiming to come from a reputable company, are commonplace across the globe. According to cloud-based email management company Mimecast’s second-annual State of Email Security report, more than 90 per cent of global organisations said the volume of phishing attacks had increased or stayed the same in the past 12 months.

Mimecast is an international company specialising in cloud-based email management for Microsoft Exchange and Microsoft Office 365, including security, archiving and continuity services that protect business mail.

Friday, August 16, 2019

Phish Bait – Art of baiting - Phishing Solutions

Clickbait Scam

Getting tricked is the classic way criminals take advantage of the people they want to steal from, and clickbait is one of the cyber classics for doing it. With the technical knowledge now available to them, the success rate of hackers and criminals has shot up, and they have become more productive and more active.
People have to be more careful when it comes to clickbait, because it is socially engineered to raise the odds that someone clicks a scam link leading to a scam site, and it is spread by spamming both generic and personalised email. Personalised clickbait email has a higher success rate, but now that people are more aware of it that rate has naturally dropped, so criminals have found an alternative channel for spreading clickbait for their phishing activities.

Social Media Clickbait

Spear phishing, which the clickbait method falls under, still has a high success rate. Now that social media platforms have become so popular, criminals are taking advantage of them to look for prey.
It is something of a phenomenon that people these days are more trusting of social media outlets such as Facebook and Twitter. One proof is that most fake news articles were propagated through these platforms, where catchy and interesting phrases and headlines were used to lure people into clicking a link that took them to a site hosting fake content.
Criminals now use social media platforms to spread clickbait, handcrafting catchy tweets and posts and looking for targets by hand. It is also possible to hunt for targets with specific profiles, such as CEOs and other executive titles, or to find highly active users, by writing a program that data-mines users’ tweets and posts with a search across the whole site. Hashtags on social media platforms are filterable and searchable; through them, posts can be mined into raw data, analysed, and turned into a list of potential targets.
Mined data could also be fed to a machine learning system to generate tweets or posts that are more likely to get a group of people to retweet or repost them, or to click the link they contain. Imagine an AI that can create viral posts and tweets.
By combining the techniques above, profiling targets and socially engineering posts and tweets, criminals could become more productive and rampant than ever in their phishing and scam attacks.

What to do?

Most likely, sophisticated attacks such as those described above target executives and anyone gullible enough to click on a phishing link. The fodder targets are the people who spread the post through retweets and reposts in order to make a given clickbait post popular.
Since the attacks are sophisticated, a sophisticated phishing solution must be used to counter and mitigate them. Having a team or department equipped with phishing intelligence and anti-phishing solution strategies will be a big help in battling this more immersive threat in the cyber landscape.

Anti Phishing Solution - Phishing via Misspelling


Phishing via Misspelling
Phishing, in whatever form it takes, is now considered the #1 security threat affecting users and their devices. While most phishing techniques have changed little over the years, affecting computer users for as long as the internet has been around, hackers have learned to take advantage of one unsuspecting element: the users.
Several studies suggest that a user is three times more likely to fall victim to a phishing attack on a mobile device than on a PC. There are a number of reasons why; one is the limited screen real estate mobile devices provide, which makes it easy, when browsing, to navigate to a URL without realising it is a phishing site.
Users simply don’t expect these things to happen on their PC or mobile devices, which they essentially trust.
To show an example, we have considered a few major brands that are popular to most users.
  • Google
  • Apple
  • Paypal
  • Microsoft
  • Facebook
These brands are explicitly “trusted” by their users because of their reputation, and each has its own online platforms that users interact with on a regular basis, whether via PC or mobile.
Cyber-attackers, of course, know how to take advantage of this trust. They register domains, or create web pages, that contain these brand names to increase the probability that users will hand the fake sites their personal information. And, unfortunately, users are falling for it.
For example, imagine the domain name www.facebook.photos.login. This could easily be malicious. Keep in mind that it is not the same as www.facebook.com/photos/login: there the slashes mark a path on facebook.com, whereas in www.facebook.photos.login the full stops mean that “facebook” is only a subdomain label, and the domain actually being visited is photos.login, which in all probability is not owned by Facebook.
Whoever controls that domain can create any subdomain they like, including one named “facebook”, which makes the technique appealing to cyber-attackers looking to exploit victims. With the limited screen real estate of mobile devices, it is especially difficult to tell the difference between a legitimate domain and a spoofed subdomain.
Users are more than likely to mistake a familiar-looking phishing link for a legitimate one, especially with the advanced phishing techniques cyber-attackers are using today. This simply goes to show that, regardless of the brand name, keyword or channel used, even the most legitimate-looking links cannot be trusted.
In this case, hackers are betting on you casually overlooking the subtle irregularities in their malicious URLs. This is much easier to do than you might expect. Think about the number of times you have misspelled a domain when typing it into your browser, especially on your phone (with a small keyboard and even smaller font).
So when you look at:
www.amazon.com/home….
www.amazo.com/home…
there really isn’t much of a difference unless you are looking very closely. Only the registered domain, the part just before the first slash, tells you who you are really talking to.
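Both tricks above, a brand name pushed into a subdomain label or path (www.facebook.photos.login) and a registered domain one keystroke away from the real one (amazo.com), are cheap to catch mechanically once you look at the right part of the URL. The Python script below is an added example written for this page, not IZOOlogic’s code. It assumes a tiny constructed stand-in for the Public Suffix List and a hand-made brand-to-domain map; a real deployment would swap in the full suffix list and the organisation’s own brand inventory.

```python
"""Spot brand-impersonating URLs: a brand name outside the registrable
domain (www.facebook.photos.login) or a registrable domain one edit away
from a brand (amazo.com). Added example for this page, not IZOOlogic's code."""
from urllib.parse import urlsplit

# Assumption: tiny constructed stand-in for the real Public Suffix List.
PUBLIC_SUFFIXES = {"com", "net", "org", "login", "co.uk", "com.au"}

# Assumption: hand-made map of brand -> domains the brand really owns.
BRANDS = {
    "google": {"google.com", "google.co.uk"},
    "apple": {"apple.com"},
    "paypal": {"paypal.com"},
    "microsoft": {"microsoft.com"},
    "facebook": {"facebook.com"},
    "amazon": {"amazon.com", "amazon.co.uk"},
}


def split_url(url):
    """Return (host, path), lower-cased; accepts 'www.x.y/p' without a scheme."""
    if "://" not in url:
        url = "http://" + url
    parts = urlsplit(url)
    return (parts.hostname or "").rstrip("."), parts.path.lower()


def registrable_domain(host):
    """The public suffix plus one label: photos.login, amazon.co.uk, ..."""
    labels = host.split(".")
    # Longest candidate suffix is tried first, so 'co.uk' wins over 'uk'.
    for i in range(1, len(labels)):
        if ".".join(labels[i:]) in PUBLIC_SUFFIXES:
            return ".".join(labels[i - 1:])
    # Suffix not in our list: fall back to the last two labels.
    return ".".join(labels[-2:])


def edit_distance(a, b):
    """Levenshtein distance; 1 for 'amazo' vs 'amazon'."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                 # delete ca
                           cur[j - 1] + 1,              # insert cb
                           prev[j - 1] + (ca != cb)))   # substitute
        prev = cur
    return prev[-1]


def classify(url):
    """Return (verdict, reason) with verdict 'ok', 'suspicious' or 'unknown'."""
    host, path = split_url(url)
    reg = registrable_domain(host)
    reg_label = reg.split(".")[0]
    for brand, owned in BRANDS.items():
        if reg in owned:
            return "ok", f"{reg} is a domain {brand} owns"
    for brand in BRANDS:
        # Brand name in a subdomain label or the path, but not the registrable domain.
        if any(brand in label for label in host.split(".")) or brand in path:
            return "suspicious", f"'{brand}' in URL but registrable domain is {reg}"
        # Registrable domain is a near miss of the brand (typosquat / digit swap).
        if reg_label != brand and edit_distance(reg_label, brand) <= 1:
            return "suspicious", f"{reg} is one edit away from {brand}"
    return "unknown", f"{reg} is not a tracked brand"


if __name__ == "__main__":
    # Constructed sample URLs, including the two from the text above.
    for u in ["https://www.amazon.com/home", "www.facebook.photos.login",
              "www.amazo.com/home", "http://paypal.com.evil.net/paypal/login",
              "https://example.org/"]:
        print(u, "->", classify(u))
```

The substring test for a brand inside a label is deliberately loose (it would flag pineapple.com for “apple”), which is the right default for a mail gateway that only needs to hold a link for review; tighten it with per-brand allowlists if it proves noisy. The suffix handling is the part that matters most: without a proper Public Suffix List (for instance via the tldextract package) a checker cannot tell that www.facebook.photos.login and www.facebook.com are unrelated.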
It is always good to arm yourself with knowledge and to understand that, regardless of the apparent authenticity of a message or URL, it is important to double, triple and quadruple check not only the domain itself but also the source of the message and the logic behind it.