Researchers are warning of an increase in phishing emails that use YouTube redirect links, which help attackers skirt traditional defense measures.
If certain malicious URLs are blocked by web browser phishing filters, attackers commonly use a redirector URL to bypass these filters and redirect the victim to their phishing landing page.
URL redirects have been used in previous campaigns, including malicious redirect code affecting Joomla and WordPress websites and HTML redirectors being used by Evil Corp. Now, a new campaign is using legitimate YouTube redirect links.
"Each of these fraud domains are quickly registered with Namecheap and used for this campaign, which suggests the possibility of bot automation."
The phishing landing page itself is hosted on a legitimate Google page, which means its certificate is verified - helping the page appear more legitimate: "Use of this legitimate website allows the threat actor to sneak by any Secure Email Gateways or other security controls," researchers stressed.
Attackers continue to raise the bar when it comes to phishing attacks.
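The filter gap described above can be narrowed by evaluating the destination embedded in a redirector link rather than only the trusted outer host. The following is an added example, not code from the article or the researchers; the `/redirect` path with a `q` parameter, the blocklist entry and the sample URL are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit, parse_qs

# Assumption: redirector endpoints and the query parameter that carries the
# destination. Only a YouTube entry is listed, matching the campaign's theme.
REDIRECTORS = {("youtube.com", "/redirect"): "q"}

# Constructed blocklist and sample link (reserved .example names).
BLOCKLIST = {"login-portal.example"}
SAMPLE = ("https://www.youtube.com/redirect"
          "?q=https%3A%2F%2Flogin-portal.example%2Fsignin&v=abc")

MAX_HOPS = 5  # bound nested redirector-in-redirector chains


def _host(url):
    """Lower-cased hostname with a leading 'www.' removed."""
    host = (urlsplit(url).hostname or "").lower()
    return host[4:] if host.startswith("www.") else host


def unwrap(url):
    """Return the chain of URLs found by peeling known redirector wrappers."""
    chain = [url]
    for _ in range(MAX_HOPS):
        parts = urlsplit(chain[-1])
        param = REDIRECTORS.get((_host(chain[-1]), parts.path.rstrip("/")))
        if param is None:
            break
        # parse_qs percent-decodes the embedded destination for us.
        target = parse_qs(parts.query).get(param, [""])[0]
        if not target.lower().startswith(("http://", "https://")):
            break
        chain.append(target)
    return chain


def verdict(url):
    """'block' if any hop is blocklisted, 'inspect' if wrapped, else 'allow'."""
    chain = unwrap(url)
    if any(_host(hop) in BLOCKLIST for hop in chain):
        return "block", chain
    return ("inspect" if len(chain) > 1 else "allow"), chain


if __name__ == "__main__":
    print(verdict(SAMPLE))
```

The `inspect` verdict marks links that pass through a redirector to a destination not yet on any list, which is the case a newly registered domain would fall into.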