Security News > 2020 > March > Phishing Attack Skirts Detection With YouTube
Researchers are warning of an increase in phishing emails that use YouTube redirect links, which help attackers skirt traditional defense measures.
If certain malicious URLs are blocked by web browser phishing filters, attackers commonly use a redirector URL to bypass these filters and redirect the victim to their phishing landing page.
URL redirects have been used in previous campaigns, including malicious redirect code affecting Joomla and WordPress websites and HTML redirectors being used by Evil Corp. Now, a new campaign is using legitimate YouTube redirect links.
"Each of these fraud domains are quickly registered with Namecheap and used for this campaign, which suggests the possibility of bot automation."The phishing landing page itself is hosted on a legitimate Google page, which means its certificate is verified - helping the page appear more legitimate: "Use of this legitimate website allows the threat actor to sneak by any Secure Email Gateways or other security controls," researchers stressed.
Attackers continue to raise the bar when it comes to phishing attacks.
News URL
Related news
- Phishing platform 'Lucid' behind wave of iOS, Android SMS attacks (source)
- iOS devices face twice the phishing attacks of Android (source)
- Windows NTLM hash leak flaw exploited in phishing attacks on governments (source)
- The dark side of YouTube: Malicious links, phishing, and deepfakes (source)
- Three Reasons Why the Browser is Best for Stopping Phishing Attacks (source)
- Phishing detection is broken: Why most attacks feel like a zero day (source)
- DPRK Hackers Steal $137M from TRON Users in Single-Day Phishing Attack (source)
- Low-tech phishing attacks are gaining ground (source)
- MintsLoader Drops GhostWeaver via Phishing, ClickFix — Uses DGA, TLS for Stealth Attacks (source)
- Focused Phishing: Attack Targets Victims With Trusted Sites and Live Validation (source)