Crooks are using realistic-looking webpage templates to trick you into handing over personal data

silversurfer

silversurfer

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
10,176
Content source
https://www.zdnet.com/article/crooks-are-using-realistic-looking-webpage-templates-to-trick-you-into-handing-over-personal-data/
Cyber criminals are still attempting to exploit the coronavirus pandemic for their own gain and they're being helped by website templates that allow them to mimic government agencies and companies.

Researchers at cybersecurity company Proofpoint have identified over 300 phishing campaigns designed to steal personal information and bank details from victims – and many are using sites that are indistinguishable from the real thing, complete with authentic imagery and user interfaces.

The security company warned that these template make it easy for scammers to quickly create high-quality, malicious web domains to insert into their COVID-19 phishing campaigns.

Bodies from the World Health Organization, the US Centers for Disease Control, the IRS, the UK's HMRC and even local councils across London are being mimicked in ready-to-use campaigns.

Many of the templates that are available on underground forums and marketplaces also feature multiple pages, making them look more authentic – therefore helping to trick visitors about the true intentions of the websites.

For example, a phishing website designed to look like Canadian government services provide both English-speaking and French-speaking options for entering details – and indicates that the attackers want to cover all bases possible.

"It tells us that the threat actors behind these sites pay attention to where people are going and what they use and take care to make their sites as credible as possible," Sherrod DeGrippo, senior director of threat research and detection at Proofpoint, told ZDNet.
"This makes them look more legitimate and therefore more likely to gather the credentials from the user," she said.
Click to expand...
 
  • Like
  • Wow
  • +Reputation
Reactions: [correlate], Protomartyr, Tutman and 9 others
Ink

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
Screenshots of Copied (Phishing) vs Legitimate Sites:

www.proofpoint.com

COVID-19 Phishing Templates to Fake Government Website | Proofpoint US

Learn about how threat actors are using ready-made COVID-19 phishing template to copy government websites worldwide.
www.proofpoint.com www.proofpoint.com


Antus67 said:
Its bad enough about the coronavirus pandemic now we have to be cautious on whom to trust.
Click to expand...
The URLs are a good indication, use email/message junk filtering, out-dated logos, don't trusted unknown senders etc.. You can see in the link above.
 
  • Like
Reactions: harlan4096, [correlate], Protomartyr and 7 others
show-Zi

show-Zi

Level 36
Verified
Top Poster
Well-known
Jan 28, 2018
2,463
In Japan, similar bogus sites began to increase as soon as the application for corona subsidies began.
The dangers of relying too much on links now should be emphasized.
 
  • Like
Reactions: upnorth and [correlate]
You must log in or register to reply here.

Similar threads

Bot
Malware News Hackers Using Sneaky HTML Smuggling to Deliver Malware via Fake Google Sites
Replies
0
Views
457
Security News
Bot
Bot
Ink
    • Like
ShareID wants to verify your ID without storing personal data
Replies
2
Views
1,465
News Archive
codswollip
codswollip
vtqhtr413
    • Like
    • +Reputation
Hackers are using this old trick to dodge security protections
Replies
0
Views
364
News Archive
vtqhtr413
vtqhtr413

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top