New Phishing Threat Poses Security Concern
Hikvision Tips to Avoid Becoming a Victim of Phishing and Spear Phishing
A new phishing threat is creating growing security concerns, according to the article in SecurityInfoWatch.com, “Browse at your own risk, new malvertising phishing threats on the rise.”
From the article: “Just when you thought online phishing couldn’t get much worse between credential stealing, rogue browser extensions, and social media scams, a new attack technique has emerged in the wild. This latest threat involves 'malvertising,' where a bad ad unknowingly auto downloads an HTML file to a user’s system. This occurs when the user browses to a web page that hosts these malicious files—no clicking required. If this technique continues to proliferate and becomes a trend, entire URL reputation and domain reputation engines could be toast.”
Hackers created a tech support phishing scam on a fake Microsoft Windows site, and Apple iOS users “were hit by session-hijacking cybercriminals who exploited an unpatched flaw in the Chrome for iOS browser,” according to the article.
Traditional anti-phishing solutions focus primarily on email and do not address concerns with the new method of attack, creating additional security challenges with malvertising phishing scams. The author recommends running virtual browsers in the cloud to provide active site analysis to address the threat.
Hikvision’s cybersecurity director has written blogs providing tips on how to prevent becoming a victim of phishing and spear phishing, a special kind of phishing attack. For more ways to reduce concerns about security, read part two in the spear phishing series at this link.