Security News > 2024 > September > Cybercriminals Exploit HTTP Headers for Credential Theft via Large-Scale Phishing Attacks
2024-09-16 04:23
Cybersecurity researchers have warned of ongoing phishing campaigns that abuse refresh entries in HTTP headers to deliver spoofed email login pages that are designed to harvest users' credentials. "Unlike other phishing webpage distribution behavior through HTML content, these attacks use the response header sent by a server, which occurs before the processing of the HTML content," Palo Alto
News URL
https://thehackernews.com/2024/09/cybercriminals-exploit-http-headers-for.html
Related news
- Cybercriminals exploit file sharing services to advance phishing attacks (source)
- Xeon Sender Tool Exploits Cloud APIs for Large-Scale SMS Phishing Attacks (source)
- New QR Code Phishing Campaign Exploits Microsoft Sway to Steal Credentials (source)
- How Phishing Attacks Adapt Quickly to Capitalize on Current Events (source)
- Google raps Iran's APT42 for raining down spear-phishing attacks (source)
- Cybercriminals Exploit Popular Software Searches to Spread FakeBat Malware (source)
- Blind Eagle Hackers Exploit Spear-Phishing to Deploy RATs in Latin America (source)
- CERT-UA Warns of New Vermin-Linked Phishing Attacks with PoW Bait (source)
- New Qilin Ransomware Attack Uses VPN Credentials, Steals Chrome Data (source)
- BlackByte Ransomware Exploits VMware ESXi Flaw in Latest Attack Wave (source)