• Magazine
    • FEBRUARY 2022
    • JANUARY 2022
    • CISO MAG – Archives
  • NEWS
    • GOVERNANCE
    • STARTUPS
    • BUDGET
    • WORKFORCE
    • PARTNERSHIPS
    • THREATS
    • DATA PRIVACY
    • Regulations & Compliance
  • FEATURES
    • Careers
    • Explainers
    • Market Trends Report
    • One Quick Question
    • Trends and Predictions
  • PODCASTS
  • Get Featured
    • READING ROOM
    • INTERVIEWS
    • WHITEPAPERS
    • INFOGRAPHICS
    • MARKET TRENDS REPORT
      • GLOBAL BLOCKCHAIN IMPACT
      • SECURITY INTELLIGENCE REPORT
      • CLOUD FORENSICS
      • DIGITAL FORENSICS
      • CYBERSECURITY HIRING
      • DATA SECURITY
      • ENDPOINT SECURITY
    • INNOVATOR’S CORNER
    • HOTSPOT
    • SPECIAL FEATURES
  • Videos
    • VIDEO INTERVIEWS
    • EVENT VIDEOS
    • WEEKLY NEWS
  • WEBINARS
  • EVENTS
    • Upcoming Events
    • Endorsed Events
    • E-Events
    • Masterclass
Search
Friday, May 20, 2022
  • About us
  • Advisory Board
  • Careers
  • Write for CISO MAG
  • Editorial Calendar
CISO MAG  - News and Updates| Cyber Security Magazine CISO MAG | Cyber Security Magazine
CISO MAG  - News and Updates| Cyber Security Magazine CISO MAG  - News and Updates| Cyber Security Magazine
  • Magazine
    • FEBRUARY 2022
    • JANUARY 2022
    • CISO MAG – Archives
  • NEWS
    • GOVERNANCE
    • STARTUPS
    • BUDGET
    • WORKFORCE
    • PARTNERSHIPS
    • THREATS
    • DATA PRIVACY
    • Regulations & Compliance
  • FEATURES
    • PSTI IoT Bill, Common IoT Attacks

      3 Common IoT Attacks that Compromise Security

      Steganography attack

      How to Prevent Steganography Attacks

      Brainjacking

      How Brainjacking Became a New Cybersecurity Risk in Health Care

      Malicious QR Codes

      How Cybercriminals Exploit QR Codes to Their Advantage

      Cybercriminal Group Names

      Smart or Stupid? Cybercriminal Group Names Decoded!

      AllCareersExplainersMarket Trends ReportOne Quick QuestionTrends and Predictions
  • PODCASTS
  • Get Featured
    • READING ROOM
    • INTERVIEWS
    • WHITEPAPERS
    • INFOGRAPHICS
    • MARKET TRENDS REPORT
      • GLOBAL BLOCKCHAIN IMPACT
      • SECURITY INTELLIGENCE REPORT
      • CLOUD FORENSICS
      • DIGITAL FORENSICS
      • CYBERSECURITY HIRING
      • DATA SECURITY
      • ENDPOINT SECURITY
    • INNOVATOR’S CORNER
    • HOTSPOT
    • SPECIAL FEATURES
  • Videos
    • VIDEO INTERVIEWS
    • EVENT VIDEOS
    • WEEKLY NEWS
  • WEBINARS
  • EVENTS
    • Upcoming Events
    • Endorsed Events
    • E-Events
    • Masterclass
Home News Polymorphism or Spoofed Login Pages Used to Phish Users
  • News
  • Threats

Polymorphism or Spoofed Login Pages Used to Phish Users

By
CISOMAG
-
August 26, 2020
SHARE
Facebook
Twitter
Phishing, phishing attacks

Ironscales, an automated phishing prevention, detection, and response provider, stated that credential theft attacks via fake or spoofed login pages and social engineering attacks have increased during the first half of 2020. In its research report, Ironscales revealed that it identified more than 50,000 fake login pages, impersonating around 200 popular global brands.

How Credential Theft Attack Works?

In a credential theft attack, hackers target users with an email imitating a popular brand and tricks them via social engineering techniques into entering their credentials on a  spoofed login page. Once the victim enters the credentials, the information is automatically transferred to the attackers. Hackers could use this information to log in to users’ accounts to perform banking frauds, data extraction, wire transfers, identity theft, and other malicious activities.

“These nefarious yet often highly realistic looking pages are now a common tactic deployed by attackers seeking to obtain a person’s login credentials to a legitimate website, such as a bank, email client, or social media site, among many other popular services,” Ironscales’ researchers said in a statement.

Ironscales also observed that health care is the most targeted sector in credential theft attacks followed by financial services, government agencies, and IT sectors. The top five brands with the most fake login pages include:Description

Brand                   Total Fake Login Pages                   % of all Fake Login Pages
PayPal 11,000 22%
Microsoft 9,500 19%
Facebook 7,500 15%
eBay 3,000 6%
Amazon 1,500 3%

                                                                                           Data Source: Ironscales

“Although PayPal sits atop the list, the greatest risk may derive from the 9,500 Microsoft spoofs, as malicious Office 365, SharePoint and One Drive login pages put not just people but entire businesses a risk,” researchers added.

Polymorphic Phishing Attacks

The research further stated that 5% (2,500) of the 50,000 fake login pages were polymorphic, with one brand garnering more than 300 variations. Microsoft and Facebook  topped the list with 314 and 160 permutations, respectively.Description

Brand                   No. of Permutations                        % of all Permutations 
Microsft 314 24%
Facebook 160 13%
Chase Bank 81 6%
Netflix 38 3%
eBay 34 3%
Alibaba 30 2%
AT&T 26 2%
Wells Fargo 26 2%
PayPal 24 2%
DHL 21 2%

                                                                                     Data Source: Ironscales

In Polymorphic phishing attacks (also known as Polymorphism), an attacker makes slight and random changes to a phishing email like its content, subject line, sender name, or template. This enables the phishing actors to easily escape from email security tools, which fail to recognize such modifications and obtain access to users’ inboxes.

While the research did not explain why these enterprises have more permutations than others, it stated that this could have occurred for two reasons:

  1. The security teams associated with these brands are actively looking to take down fake login pages, so attackers are forced to more frequently evolve the attack ever so slightly so to defeat human and technical controls.
  2. These brands are a priority and or easy target for a certain hacking group(s), so there is more activity and therefore a need to constantly evolve to stay one step ahead of security teams.

Eyal Benishti, founder and CEO, Ironscales, said, “Polymorphic email phishing threats represent an incredibly difficult challenge for SOC and IT security teams to overcome. Just as security personnel think that they may have a phishing threat under control, attackers can augment the artifacts to give the message an entirely new signature, thereby enabling what is for all intents and purposes the same malicious message to bypass the same human and technical controls that might have stopped a previous version of the attack.”

  • TAGS
  • attackers
  • credential theft
  • Email Attacks
  • Fake Login Pages
  • hackers
  • IRONSCALES
  • Phishing attacks
  • Phishing emails
  • polymorphic email attacks
  • Social engineering
  • spoofed login pages
  • spoofed websites
SHARE
Facebook
Twitter
Previous articlePanaseer – Delivering Enterprise Security Through Continuous Monitoring
Next articleMisconfigured AWS S3 Bucket Exposes PII of up to 350,000 SSL247 Customers
CISOMAG
https://cisomag.eccouncil.org/

RELATED ARTICLESMORE FROM AUTHOR

PSTI IoT Bill, Common IoT Attacks
Features

3 Common IoT Attacks that Compromise Security

SIM Swapping
News

FBI Issues a Lookout for SIM Swapping Attacks

remote work, Remote workforce security
News

How Remote Work Increase Digital Anxiety



Latest Issue is Out!


FOLLOW US FOR MORE UPDATES


CYBER SHOTS
Quick, punchy updates on Cyber trends, news and links to free resources. Only via Telegram and Signal. Join the groups now!
Click Here Click Here

MOST POPULAR

Research Finds Increase in Botnet and Exploit Activity in Q2 2020

45% companies don’t have cybersecurity leader: Study

CISOMAG - December 11, 2017
DEO data breach

Nearly half of companies have suffered a data breach in the past year: Survey

November 15, 2017
Messaging

Mobile messaging apps new hideout of Dark Web activities: Study

October 27, 2017
Kaspersky

NSA hacking code lifted from a personal computer in U.S.: Kaspersky

October 30, 2017

Instagram data breach! 49 million users’ sensitive data exposed online

May 23, 2019

RECENT POSTS

PSTI IoT Bill, Common IoT Attacks

3 Common IoT Attacks that Compromise Security

February 23, 2022
Steganography attack

How to Prevent Steganography Attacks

February 22, 2022
Brainjacking

How Brainjacking Became a New Cybersecurity Risk in Health Care

February 21, 2022
Malicious QR Codes

How Cybercriminals Exploit QR Codes to Their Advantage

February 20, 2022
SIM Swapping

FBI Issues a Lookout for SIM Swapping Attacks

February 15, 2022
Cybersecurity News and Updates, Magazine
CISOMAG is the handbook for Chief Information Security Officer (CISO)s, CXOs, and every stakeholder of safe internet.
Contact us: [email protected]

EVEN MORE NEWS

PSTI IoT Bill, Common IoT Attacks

3 Common IoT Attacks that Compromise Security

February 23, 2022
Steganography attack

How to Prevent Steganography Attacks

February 22, 2022
Brainjacking

How Brainjacking Became a New Cybersecurity Risk in Health Care

February 21, 2022

POPULAR CATEGORY

  • News2554
  • Threats1657
  • Features594
  • Partnerships215
  • Governance191
  • Startups161
  • Interviews121
  • Terms of Use
  • Privacy Policy
  • Advertise with us
  • Contact Us
  • MASTERCLASS
© CISOMAG 2020
We Care
Ensuring that you get the best experience is our only purpose for using cookies. If you wish to continue, please accept. You are welcome to provide a controlled consent by visiting the cookie settings. For any further queries or information, please see our privacy policy.
Do not sell my personal information.
Cookie SettingsAccept
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checkbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT
MORE STORIES
PSTI IoT Bill, Common IoT Attacks
Features

3 Common IoT Attacks that Compromise Security

CISOMAG - February 23, 2022
0
The explosion of IoT technologies incited users and organizations to swiftly adopt IoT devices to enhance process control and boost productivity. The rise of...
Edit with Live CSS
Save
Write CSS OR LESS and hit save. CTRL + SPACE for auto-complete.