Cyber ​​criminals continue to refine their methods. Barracuda warns of three new phishing techniques that have only been known since January.

Phishing is a tried and true recipe that cybercriminals use again and again to penetrate corporate IT systems. The techniques are constantly changing. That’s according to Barracuda Networks’ latest Threat Spotlight report. In January, the security specialist discovered three new phishing techniques that had never been discovered before.

Google Translator

A first technique uses the Google Translate service for websites to obfuscate malicious URLs. The attackers use poorly constructed HTML pages or an unsupported language to prevent Google from automatically translating the webpage.

Google responds with a notification containing a link to the web page and stating that it cannot translate the underlying website. Attackers insert this URL link into an email and when a recipient clicks on it, he or she is redirected to a fake but authentic-looking website, which is actually a phishing website used by the attackers is controlled.

These attacks are difficult to detect because they contain a URL that points to a legitimate website. As a result, many email filtering technologies allow these attacks to reach users’ inboxes. Additionally, the attackers can modify the malicious payload the moment the email is delivered, making them even more difficult to detect.

images without text

Image phishing emails are not new. Barracuda researchers have found that attackers are increasingly using images without text. The images can be forms such as invoices and often include a phone number that leads to phishing when tracked.

Because these attacks do not contain text, they can be difficult for traditional email security to detect. The researchers assume that phishing with images will be increasingly used by cybercriminals in the future.

Special Characters

Hackers often use spaces, punctuation, or non-Latin characters to evade detection. This tactic is also used in “typo-squatting” attacks via the web address. It mimics the real site name, but with a small, unobtrusive misspelling. When these special characters are used in a phishing email, they are not visible to the recipient.

The tactic can work as follows: an attacker inserts a zero width into the malicious URL of a phishing email. This breaks the URL pattern, preventing security technologies from detecting it as malicious. Detecting such attacks can also be difficult as there are legitimate purposes for using special characters, e.g. B. in email signatures.

Rare but widespread

Since these techniques are still new, they are rare for the time being. Each of these tricks accounted for less than 1 percent of the phishing emails analyzed by Barracuda. Nevertheless, there is reason for concern, because ten to fifteen percent are likely to have already received such an e-mail. Barracuda does not rule out that these techniques will become more widespread.

In addition, these techniques also exploit vulnerabilities in classic detection malware. Barracuda recommends investing in email discovery tools that use AI to analyze a message’s context, subject, and sender in addition to content.

If an email does make it through the spam filters, it’s important to have the right tools to remove it from employees’ inboxes as quickly as possible. In addition, employees must be continuously trained to recognize and report suspicious messages.