Fraudsters Use HTML Legos to Evade Detection in Phishing Attack

  /     /     /  
Publicated : 23/11/2024   Category : security


Fraudsters Use HTML Legos to Evade Detection in Phishing Attack


Criminals stitch pieces of HTML together and hide them in JavaScript files, researchers report.



Researchers with Trustwave SpiderLabs are warning of a phishing campaign that employs what it calls HTML Lego to deliver a fake login page.
The phishing campaign is aimed at Microsoft 365 users and designed to mimic a Microsoft login interface. Trustwave says the emails contain nothing in the email body but have an attachment that appears to be an Excel file offering information about an investment. This attachment is actually an HTML document with two sections of URL encoded text.  Fraudsters pieced together different pieces of HTML hidden in JavaScript files to generate the fake login page.
Researchers say the first block of URL encoded text is the first part of the HTML code, where the beginning HTML tag is located. The second block of URL encoded text contains an HTML JavaScript code that validates victims email and password input.
“This phishing campaign design was a little more tricky than usual,” researchers say in a summary of the findings. “By improvising an HTML email attachment that incorporates remote JavaScript code located on a free JavaScript hosting site, and ensuring the code is encoded uniquely, the attackers seek to fly under the radar to avoid detection.”
A detailed analysis of the campaign can be found 
here
.

Last News

▸ 7 arrested, 3 more charged in StubHub cyber fraud ring. ◂
Discovered: 23/12/2024
Category: security

▸ Nigerian scammers now turning into mediocre malware pushers. ◂
Discovered: 23/12/2024
Category: security

▸ Beware EMV may not fully protect against skilled thieves. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Fraudsters Use HTML Legos to Evade Detection in Phishing Attack