New research from this cyber security leader shows how hackers are evolving streamlined templates that make phishing attacks easier, stealthier, & more effective
The recent bouts of Business Email Compromise (BEC) in the marketplace serve as a vital reminder of how even the most prominent IT infrastructures are vulnerable to cyberattacks, especially via their email data. In light of this, software-as-a-service (SaaS) email security company Trustifi is educating business users about the newest trends in “Phishing Kits,” an alarming phenomenon where hackers sell prefabricated templates, empowering criminals to more quickly and effectively conduct precision attacks. These kits are growing more sophisticated, enabling non-technical thieves to scam employees out of funds, data, or personal identifying information.
Trustifi outlines emerging developments that hackers have devised to increase the effectiveness of such kits in a new cybersecurity report, “Prominent Phishing Techniques Hackers Are Using Today – 2021.” The result of in-depth market examination, the report identifies several concerning trends, including the ability for hackers to control the incident in real time, circumvent anti-phishing bots, extend the lifespan of a typical attack, generate QR codes, and dupe victims into entering their passwords multiple times to enhance accuracy.
Phishing kits are a collection of back-end scripts that make it easier for malicious coders to prepare a fraudulent web site, typically mimicking the look of a major bank or online ecommerce site. Hackers use the kits as shortcuts, to mount attacks with minimal effort and expertise. The more effective, undetectable, and evasive the kit, the higher a price it fetches. This phenomenon has created a criminal market akin to “Phishing as a Service,” where hackers purchase the rights to innovative, pre-existing phishing software, empowering them to rapidly launch an attack.
Trends uncovered by Trustifi’s research include:
- Anti-bot protection: The “Spox” phishing kit (which impersonates the Chase Bank) has developed an “Anti-Bot” response that redirects security bots to a 404 error page, or to the actual brand’s website. The anti-phishing mechanism therefore receives no content from the false page, so it can’t identify the attempt as malicious.
- Repeat password entry: Hackers have learned that users statistically mistype their passwords on the first entry—sometimes deliberately, to foil phishing attempts. Malicious actors have therefore adjusted their templates, informing victims that they’ve entered the wrong password for the first two attempts, regardless of how it was actually entered. This decreases the amount of incorrect credentials gathered by each instance of phishing.
- Real-time phishing: A Brazilian kit (impersonating Banco Itaú Empresas) allows hackers to control the phishing attack in real-time. E.g., a fake diagnostic page tells the victim their banking application is outdated. The update button forwards the victim to their next template, which impersonates the bank’s log-in page. The unsuspecting victim sees only the bank’s loading GIF. Meanwhile the attacker has time to decide which phishing page to load next, based on website data the illegal software is rapidly refreshing.
- Use of QR codes: The Banco Itaú Empresas kit can also generate a QR code, which is now required to transfer funds via this country’s PIX instant payment system, just launched in November.
“Malicious coders continue to develop more shrewd and capable techniques, which are being sold to the highest bidder. The market provides cyber criminals with a terrific incentive to continue to hone their merchandise,” said Rom Hendler, CEO at Trustifi. “Both businesses and consumers need to be aware of these new vulnerabilities and rethink their approach to security, seeking equally inventive ways to protect themselves from a potentially devastating breach. State-of-the-art email encryption applies complex algorithms and AI-powered automation to identify and ‘quarantine’ these increasingly devious threats as they reach the user’s inbox, dramatically reducing the risk of victimization.”
Trustifi’s solutions take a revolutionary approach to cyber security, leveraging a proprietary cloud storage system to deliver additional control over how users can manipulate sent mail. These solutions encrypt emails in the cloud, before those messages pass through the recipient’s gateway. This gives users far more flexibility to retract, change, or alter the recipient list within messages they’ve already sent.
Managed service providers and business organizations can find out more about Trustifi.com’s email encryption cyber security solution at www.trustifi.com.
Trustifi is a cyber security firm featuring solutions delivered on a software as a service platform. Trustifi leads the market with the easiest to use and deploy email security products providing both inbound and outbound email security from a single vendor. The most valuable asset to any organization, other than its employees, is the data contained in its email, and Trustifi’s key objective is keeping clients’ data, reputation, and brand safe from all threats related to email. With Trustifi’s Inbound Shield, Data Loss Prevention, and Email Encryption, clients are always one step ahead of attackers. For more information, visit www.trustifi.com.