• Magazine
  • NEWS
    • GOVERNANCE
    • STARTUPS
    • BUDGET
    • WORKFORCE
    • PARTNERSHIPS
    • THREATS
    • DATA PRIVACY
    • Regulations & Compliance
  • FEATURES
  • PODCASTS
  • Get Featured
    • INTERVIEWS
    • INFOGRAPHICS
    • MARKET TRENDS REPORT
      • DATA SECURITY
      • ENDPOINT SECURITY
    • INNOVATOR’S CORNER
    • HOTSPOT
    • SPECIAL FEATURES
  • Videos
    • EVENT VIDEOS
    • WEEKLY NEWS
  • WEBINARS
  • EVENTS
    • Upcoming Events
    • Endorsed Events
    • E-Events
    • Masterclass
  • Advertise with us
Search
Saturday, January 23, 2021
  • About us
  • Advisory Board
  • Write for CISO MAG
  • Careers
  • Login
  • SUBSCRIBE
CISO MAG  - News and Updates| Cyber Security Magazine CISO MAG | Cyber Security Magazine
Cyber Security 2021
CISO MAG  - News and Updates| Cyber Security Magazine CISO MAG  - News and Updates| Cyber Security Magazine
  • Magazine
  • NEWS
    • GOVERNANCE
    • STARTUPS
    • BUDGET
    • WORKFORCE
    • PARTNERSHIPS
    • THREATS
    • DATA PRIVACY
    • Regulations & Compliance
  • FEATURES
    • cybersecurity-budget

      A 21st Century Solution to Our Cybersecurity Skills Shortfall

      Artificial Intelligence

      Artificial Intelligence and Cybersecurity: A Double-Edged Sword

      Nissan data breach

      What the Automotive Industry Needs to Learn from Nissan’s Cybersecurity Error

      Phishing Campaign on FINRA

      Five Phishing Baits You Need to Know [INFOGRAPHIC]

      2021 Security Predictions

      2021 Security Predictions: Endpoint Security is of Utmost Importance

  • PODCASTS
  • Get Featured
    • INTERVIEWS
    • INFOGRAPHICS
    • MARKET TRENDS REPORT
      • DATA SECURITY
      • ENDPOINT SECURITY
    • INNOVATOR’S CORNER
    • HOTSPOT
    • SPECIAL FEATURES
  • Videos
    • EVENT VIDEOS
    • WEEKLY NEWS
  • WEBINARS
  • EVENTS
    • Upcoming Events
    • Endorsed Events
    • E-Events
    • Masterclass
  • Advertise with us
Home News Polymorphism or Spoofed Login Pages Used to Phish Users
  • News
  • Threats

Polymorphism or Spoofed Login Pages Used to Phish Users

By
CISOMAG
-
August 26, 2020
Phishing attacks on email gateways
SHARE

Ironscales, an automated phishing prevention, detection, and response provider, stated that credential theft attacks via fake or spoofed login pages and social engineering attacks have increased during the first half of 2020. In its research report, Ironscales revealed that it identified more than 50,000 fake login pages, impersonating around 200 popular global brands.

How Credential Theft Attack Works?

In a credential theft attack, hackers target users with an email imitating a popular brand and tricks them via social engineering techniques into entering their credentials on a  spoofed login page. Once the victim enters the credentials, the information is automatically transferred to the attackers. Hackers could use this information to log in to users’ accounts to perform banking frauds, data extraction, wire transfers, identity theft, and other malicious activities.

“These nefarious yet often highly realistic looking pages are now a common tactic deployed by attackers seeking to obtain a person’s login credentials to a legitimate website, such as a bank, email client, or social media site, among many other popular services,” Ironscales’ researchers said in a statement.

Ironscales also observed that health care is the most targeted sector in credential theft attacks followed by financial services, government agencies, and IT sectors. The top five brands with the most fake login pages include:Description

Brand                   Total Fake Login Pages                   % of all Fake Login Pages
PayPal 11,000 22%
Microsoft 9,500 19%
Facebook 7,500 15%
eBay 3,000 6%
Amazon 1,500 3%

                                                                                           Data Source: Ironscales

“Although PayPal sits atop the list, the greatest risk may derive from the 9,500 Microsoft spoofs, as malicious Office 365, SharePoint and One Drive login pages put not just people but entire businesses a risk,” researchers added.

Polymorphic Phishing Attacks

The research further stated that 5% (2,500) of the 50,000 fake login pages were polymorphic, with one brand garnering more than 300 variations. Microsoft and Facebook  topped the list with 314 and 160 permutations, respectively.Description

Brand                   No. of Permutations                        % of all Permutations 
Microsft 314 24%
Facebook 160 13%
Chase Bank 81 6%
Netflix 38 3%
eBay 34 3%
Alibaba 30 2%
AT&T 26 2%
Wells Fargo 26 2%
PayPal 24 2%
DHL 21 2%

                                                                                     Data Source: Ironscales

In Polymorphic phishing attacks (also known as Polymorphism), an attacker makes slight and random changes to a phishing email like its content, subject line, sender name, or template. This enables the phishing actors to easily escape from email security tools, which fail to recognize such modifications and obtain access to users’ inboxes.

While the research did not explain why these enterprises have more permutations than others, it stated that this could have occurred for two reasons:

  1. The security teams associated with these brands are actively looking to take down fake login pages, so attackers are forced to more frequently evolve the attack ever so slightly so to defeat human and technical controls.
  2. These brands are a priority and or easy target for a certain hacking group(s), so there is more activity and therefore a need to constantly evolve to stay one step ahead of security teams.

Eyal Benishti, founder and CEO, Ironscales, said, “Polymorphic email phishing threats represent an incredibly difficult challenge for SOC and IT security teams to overcome. Just as security personnel think that they may have a phishing threat under control, attackers can augment the artifacts to give the message an entirely new signature, thereby enabling what is for all intents and purposes the same malicious message to bypass the same human and technical controls that might have stopped a previous version of the attack.”

  • TAGS
  • attackers
  • credential theft
  • Email Attacks
  • Fake Login Pages
  • hackers
  • IRONSCALES
  • Phishing attacks
  • Phishing emails
  • polymorphic email attacks
  • Social engineering
  • spoofed login pages
  • spoofed websites
SHARE
Facebook
Twitter
Previous articlePanaseer – Delivering Enterprise Security Through Continuous Monitoring
Next articleMisconfigured AWS S3 Bucket Exposes PII of up to 350,000 SSL247 Customers
CISOMAG
https://cisomag.eccouncil.org/

RELATED ARTICLESMORE FROM AUTHOR

Joe Biden, Biden, POTUS, new POTUS, U.S. President, SolarWinds, Solar Winds hack, SolarWinds cyberattack, cybersecurity, cybersecurity budget, cybersecurity head, national cybersecurity head, Joe Biden cybersecurity budget
Governance

Biden Takes Up Cybersecurity on First Day in Office

GDPR fines in 2020
News

EU Regulators Imposed over €272.5 Mn in GDPR Fines to Date

Unprotected Server Exposes Facebook Scraped Data of 12 Mn Users in Vietnam
News

OpenWRT Administrator Account Breached



EXCLUSIVE

Evolution of Insurance Fraud, BAE Systems Applied Intelligence

Episode #6: How Insurance Fraud is Evolving (and Anti-fraud Measures)

CISOMAG - December 21, 2020
0

FOLLOW US FOR MORE UPDATES

Follow @CISOMAG

Latest Issue is Out!

Cybersecurity 2021

Cyber security editorial calendar 2021

MOST POPULAR

Research Finds Increase in Botnet and Exploit Activity in Q2 2020

45% companies don’t have cybersecurity leader: Study

CISOMAG - December 11, 2017
s3 bucket security, Unacademy Suffers a Data Breach

Nearly half of companies have suffered a data breach in the past year: Survey

November 15, 2017
Messaging

Mobile messaging apps new hideout of Dark Web activities: Study

October 27, 2017
Kaspersky

NSA hacking code lifted from a personal computer in U.S.: Kaspersky

October 30, 2017

Instagram data breach! 49 million users’ sensitive data exposed online

May 23, 2019

RECENT POSTS

Joe Biden, Biden, POTUS, new POTUS, U.S. President, SolarWinds, Solar Winds hack, SolarWinds cyberattack, cybersecurity, cybersecurity budget, cybersecurity head, national cybersecurity head, Joe Biden cybersecurity budget

Biden Takes Up Cybersecurity on First Day in Office

January 22, 2021
GDPR fines in 2020

EU Regulators Imposed over €272.5 Mn in GDPR Fines to Date

January 22, 2021
Unprotected Server Exposes Facebook Scraped Data of 12 Mn Users in Vietnam

OpenWRT Administrator Account Breached

January 22, 2021
Cyberattacks Increase As Cybercriminals Innovate Faster: NTT Report

ShinyHunters Leak 1.9 Mn Pixlr Users’ Records Online

January 22, 2021
reusing passwords

Google Chrome 88 To Fix Weak Passwords for Better Online Security

January 21, 2021
Cybersecurity News and Updates, Magazine
CISOMAG is the handbook for Chief Information Security Officer (CISO)s, CXOs, and every stakeholder of safe internet.
Contact us: [email protected]

EVEN MORE NEWS

Joe Biden, Biden, POTUS, new POTUS, U.S. President, SolarWinds, Solar Winds hack, SolarWinds cyberattack, cybersecurity, cybersecurity budget, cybersecurity head, national cybersecurity head, Joe Biden cybersecurity budget

Biden Takes Up Cybersecurity on First Day in Office

January 22, 2021
GDPR fines in 2020

EU Regulators Imposed over €272.5 Mn in GDPR Fines to Date

January 22, 2021
Unprotected Server Exposes Facebook Scraped Data of 12 Mn Users in Vietnam

OpenWRT Administrator Account Breached

January 22, 2021

POPULAR CATEGORY

  • News1896
  • Threats1066
  • Features314
  • Partnerships210
  • Governance170
  • Startups160
  • Interviews71
  • Terms of Use
  • Privacy Policy
  • Advertise with us
  • Contact Us
  • MASTERCLASS
© CISOMAG 2020
Edit with Live CSS
Save
Write CSS OR LESS and hit save. CTRL + SPACE for auto-complete.