As Phishing Gets Even Sneakier, Browser Security Needs to Step Up

Published: 23/11/2024   Category: security




Perception Point's Din Serussi says browser extensions can help mitigate more sophisticated phishing techniques.



BLACK HAT USA – Las Vegas – Friday, Aug. 11 – Phishing attacks are moving beyond conventional efforts and require more sophisticated detection capabilities. That's because modern types of phishing are harder to detect, especially as employees work remotely and are harder to protect, noted Din Serussi, incident response group manager at Perception Point, in his talk at Black Hat USA this week. If that sounds alarmist, consider that 91% of cyberattacks begin with a phishing email.
While it once took an attacker time to craft a phishing template, Serussi said AI can now generate one in 30 seconds, with the malicious URL and a malicious file already embedded.
Serussi listed a number of modern phishing tactics. One is the use of Cyrillic alphabet characters in a URL to disguise the malicious link the attacker sends to the would-be victim: Cyrillic letters such as а (U+0430), е (U+0435), о (U+043E) and р (U+0440) are drawn exactly like their Latin counterparts, so the link text reads as a familiar domain while the browser resolves a different, attacker-registered name. "To the human eye, it actually looks like normal text, right? If we copy and paste it to the command line, we can see the suspicious spaces between the different letters, and if we break down the Unicode, we can see how the hackers are actually managing to manipulate us," he said.
What appears to be a four-letter word is actually eight characters once the Unicode is broken down, and this can bypass static text filtering that matches on the visible string. "If you are using an outdated security solution, you're not going to catch this type of attack," he said.
Another tactic is the browser-in-the-browser attack, where the attacker uses HTML and CSS to draw what looks like a browser pop-up or tab inside the page the victim already has open, typically with an https:// address in the fake address bar to gain the user's confidence. Because that "window" is ordinary page content, its address bar shows whatever the attacker writes there and says nothing about where the form actually submits. These pages do not deliver malware to download, but they collect personal and credit card information because they look genuine. A quick manual check: try to drag the pop-up past the edge of the real browser window; a genuine window can leave it, a fake one cannot, and the real address bar still shows the attacker's page. Serussi said security software with visual analytics will head off this browser-in-a-browser attack.
QR-code phishing, or "quishing," has risen 800% this year, he said. The issue is that the page the user lands on looks legitimate on a mobile device because the full URL is not visible there.
Attackers are also putting CAPTCHAs, geofencing, and redirect chains in front of the final page, so that an automated security filter fetching the URL sees a benign site and concludes the link is legitimate, while a real user in the targeted region is redirected on to the phishing page.
Serussi said there is a new approach to in-browser security issues: browser extensions that offer detection capabilities.
The first step, he said, is 100% dynamic scanning, so that when detections move from email to the Web browser, the malicious behavior is observed as the page actually runs rather than inferred from the static text of the link.
Phishing that arrives through social media and messaging apps, which never passes through an email gateway, can be addressed with browser extensions as well, Serussi added.
It's also important to have visibility into credentials that have been entered within managed browsers. "By examining a week's worth of entered credentials to a compromised user's browser, you can usually find where the compromise of the account really came from," Serussi said.
These advanced security solutions can also send alerts when a password is entered multiple times, and if the user enters their work password into a Facebook account, the account can be locked immediately.
He also recommended data leak prevention technology to see who is downloading massive files from a shared drive, block those actions and downloads, and immediately disable the specific user until it is clear what is going on.
Serussi also recommended a strong password policy, enforced two-factor authentication, and a Sender Policy Framework (SPF) record for the organization's domain, which lets a receiving mail server check that the IP address an email was sent from is one the sending domain has authorized.
