Security News > 2023 > May > Don't Click That ZIP File! Phishers Weaponizing .ZIP Domains to Trick Victims

Don't Click That ZIP File! Phishers Weaponizing .ZIP Domains to Trick Victims
2023-05-29 07:14

A new phishing technique called "File archiver in the browser" can be leveraged to "Emulate" a file archiver software in a web browser when a victim visits a.ZIP domain.

Threat actors, in a nutshell, could create a realistic-looking phishing landing page using HTML and CSS that mimics legitimate file archive software, and host it on a.zip domain, thus elevating social engineering campaigns.

In a potential attack scenario, a miscreant could resort to such trickery to redirect users to a credential harvesting page when a file "Contained" within the fake ZIP archive is clicked.

"Another interesting use case is listing a non-executable file and when the user clicks to initiate a download, it downloads an executable file," mr.

ZIP file opens it directly in the web browser should the file name correspond to a legitimate.

MOV are both legitimate file extension names, potentially confusing unsuspecting users into visiting a malicious website rather than opening a file and dupe them into accidentally downloading malware.


News URL

https://thehackernews.com/2023/05/dont-click-that-zip-file-phishers.html