"INKY Finds New Phishing Attack Technique Spoofing Netflix"

According to a report recently published by INKY Technology, a provider of an email security platform, cybercriminals have discovered another way to harvest credentials by impersonating the web pages of Netflix. INKY found malicious HTML attachments compressed in ZIP files. When opened, the attachment renders a local copy of a web page that appears to be Netflix. In the example INKY provided, cybercriminals created a form that appeared to be sent from Netflix to an end user. All sender email addresses were spoofed to appear to be from Netflix's real domain. The phishing emails originated from a compromised mail server controlled by a Peruvian university.

Bukar Alibe, data curator for INKY, said he hoped end users would be suspicious of any ZIP file sent to them, but there are likely to be many end users who would be duped into providing Personally Identifiable Information (PII), especially if they thought the request came from a trusted online brand. INKY advises end users to visit websites directly and to hover over links to ensure that they go to an actual website rather than a local file. INKY also says that SMTP servers should not be configured to accept and forward emails from non-local IP addresses to non-local mailboxes by unauthenticated and unauthorized users.

Although brand impersonation is not an unknown attack vector, cybercriminals seem to be experimenting with new techniques to evade the anti-phishing tools implemented by organizations. Each organization must decide how to penalize end users who fall victim to phishing attacks. However, as phishing attacks grow in sophistication, they become increasingly difficult for the average end user to detect. Ongoing cybersecurity training is required to help end users recognize phishing attacks. The days of phishing attacks being easily detected due to misspellings, for example, are long gone, according to Alibe.
This article continues to discuss INKY's discovery of a new phishing attack method involving the spoofing of the popular brand Netflix. 
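The delivery pattern described above (an HTML file inside a ZIP attachment that renders a form locally) can be checked at a mail gateway. The sketch below is an added example, not code from INKY or Security Boulevard; the function names, the size cap, the reason strings and the sample message are assumptions made for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage
from html.parser import HTMLParser

MAX_HTML_BYTES = 2_000_000  # assumed cap so a hostile archive cannot exhaust memory

class FormFinder(HTMLParser):
    """Notes whether a page has a <form> and a password input."""
    def __init__(self):
        super().__init__()
        self.has_form = self.has_password = False

    def handle_starttag(self, tag, attrs):
        if tag == "form":
            self.has_form = True
        elif tag == "input" and (dict(attrs).get("type") or "").lower() == "password":
            self.has_password = True

def scan_message(raw):
    """Return (attachment, member, reason) for each HTML file inside a ZIP attachment."""
    findings = []
    for part in message_from_bytes(raw, policy=policy.default).iter_attachments():
        data = part.get_payload(decode=True) or b""
        if not zipfile.is_zipfile(io.BytesIO(data)):
            continue
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            for info in zf.infolist():
                if not info.filename.lower().endswith((".html", ".htm")):
                    continue
                if info.flag_bits & 0x1 or info.file_size > MAX_HTML_BYTES:
                    reason = "HTML member encrypted or oversized, not parsed"
                else:
                    f = FormFinder()
                    f.feed(zf.read(info).decode("utf-8", "replace"))
                    reason = ("credential form" if f.has_form and f.has_password
                              else "form" if f.has_form else "HTML file in ZIP")
                findings.append((part.get_filename(), info.filename, reason))
    return findings

def build_sample(member="account_update.html",
                 body="<form><input name='u'><input type='password' name='p'></form>"):
    """Constructed message (not the INKY sample): one ZIP attachment with one member."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(member, body)
    msg = EmailMessage()
    msg["From"], msg["To"], msg["Subject"] = "sender@example.com", "user@example.org", "Account notice"
    msg.set_content("See attachment.")
    msg.add_attachment(buf.getvalue(), maintype="application", subtype="zip", filename="notice.zip")
    return msg.as_bytes()
```

Any finding is a reason to quarantine or strip the attachment; the "credential form" result is the closest match to the local form described in the report.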

Security Boulevard reports "INKY Finds New Phishing Attack Technique Spoofing Netflix"

Submitted by Anonymous on