Phishing kits are using increasingly sophisticated techniques to avoid detection and make their scams more convincing, according to Prakhar Shrotriya at Zscaler.
Some phishing sites are utilizing techniques employed by legitimate websites, such as verifying payment card details and changing the site’s language based on the geolocation of the victim’s IP address. These techniques make the site appear more legitimate to users and increase the efficiency of attacks.
Phishing pages are also using blacklists to prevent users from visiting the site more than once, and they’re automatically blocking IP addresses known to belong to security companies. Some create randomized domains, files, and/or HTML attributes for each visitor, making it harder for security technologies to identify malicious behavior.
“Phishing attacks have been on the rise for a few years, but we’re seeing changes in attackers’ methodologies,” Shrotriya writes. “As end-users become more careful about clicking suspicious links or opening unknown attachments, attackers have also upped the ante by evolving the way in which the phishing content is delivered, and they’re leveraging new tactics to make the phishing pages remain undetected for longer periods.”
Attackers can always be expected to adapt in order to overcome improved security measures. New-school security awareness training is an essential tool to help your employees keep up with evolving social engineering techniques.
Zscaler has the story: https://www.zscaler.de/blogs/research/evolution-phishing-kits