Security News > 2023 > April > More phishing campaigns are using IPFS network protocol
IPFS is a peer-to-peer network protocol designed to provide a decentralized and distributed web.
In a usual phishing case, the target is enticed to visit a fraudulent phishing page that will steal their credentials and possibly their credit card information; however, this fraudulent page can be hosted on IPFS and accessed via a gateway.
Targeted phishing attacks also use IPFS. Most IPFS phishing attacks are not too original when compared with usual phishing, yet in some cases, IPFS is used for complex targeted attacks, according to Kaspersky.
IPFS gateways' providers attempt to combat those fraudulent pages by regularly deleting links to those files, yet it does not always happen as quickly as the blocking of a phishing website.
Anti-spam solutions such as Microsoft Exchange Online Protection or Barracuda Email Security Gateway will help detect IPFS phishing and block links to it, just like for any usual phishing case.
Users should be educated about phishing emails or any kind of phishing link that could be sent to them via different ways including instant messaging and social networks.