"Criminals Are Using This Stupidly Simple Tactic to Send Malicious Links - And It's Working"
Hackers would typically compose an elaborate email in an attempt to trick victims into clicking a link included in the message. For example, these emails would inform recipients that they must download an antivirus program, cancel a pending transaction, or something similar. However, security researchers at Check Point Harmony Email have discovered that some hackers replace all of this with an image. Instead of typing out a lengthy email and risking being suspected due to typos or poor grammar, attackers generate a promotional image such as a flyer informing the recipients that they have won a prize or have been invited to participate in a contest. The image would be hyperlinked, leading victims to a phishing page where they would provide sensitive information. According to the researchers, many people click on the image instead of deleting the phishing email. In addition, by not displaying a link at all, hackers are able to circumvent URL filters, one of the most common methods for protecting inboxes. This article continues to discuss hackers bypassing URL filters with images.