Visit the campaigns phishing via exploiting web sites official

Researchers found in Kaspersky’s growth in the use of methods of sending emails to random unwanted messages filter.

Andincrease the exploitation of the spoilers of the internet for forms, e-sign up sign area, and on websites, to insert content of the random messages or links phishing in the confirmation messages e-received by users of the company’s renowned after filling out the electronic forms on their websites.

The vandals their search for new ways to deliver messages to junk mail and to users, with freedom to bypass the tools and controls for rendering the content.

They try to make their messages electronic sabotage comes from the source project enjoys a good reputation so don’t ignore users.

But this creates in turn a significant challenge for companies because this junk mail, spam, or even content that the links contained in phishing messages, which looks like it sent on their behalf, can do great damage to the confidence of its customers or lead to the diversion of their personal data.

Related topics what you read now:

The method being used by vandals as easily as effectiveness, which is based on the interest of the companies to receive the notes and testimonies of its customers to improve the quality of service provided to customers retention as well as enhance their reputation.

And corporate customer registration personal account, or subscribe to its newsletters, or communicate with them through models to the testimonies found on their official websites on the web, to ask questions or leave suggestions area, these are mechanisms that are exploited by vandals.

Requires the three mechanisms to provide the customer’s name and e-mail address, so that he can receive a confirmation message via e-mail.

According to researchers at Kaspersky, adds the crooks to the content of spam messages and links to address to this mail, enter the email address of the victim in the registration form or subscribe to email to their victim after that enter the letter instead of the name.

When they’re done, the site sends a confirmation message prepared by the vandals in a fraudulent manner to the email address you get him to the victim, containing a link to the declaration or fishing in the beginning of the text instead of the recipient’s name.

Said researcher security have Kaspersky, Maria please strengthen Maria Vergelis: most of these messages are modified to make them linked to the surveys conducted via the internet and designed to obtain personal data important users.

She added, “usually easily pass notifications received from reliable sources through the tools, content filtering, and for being the official messages issued by well-known companies, this is the reason that this new way to distribute junk mail, spam, or the attempts of phishing, the effective emitter on anxiety, even if they must mail in the form of harmless”.

And Kaspersky companies the following measures to ensure the preservation of its reputation:

  • Check how the business models of testimonies on the web sites of the affiliate.
  • The application of many transformation rules that can produce an error in the form and prevent sending when you try to register the name with symbols is not appropriate.
  • Assessment of gaps in the website, if possible.

Leave a Reply

Your email address will not be published. Required fields are marked *