Layerx Labs reported in its report that initially, this fishing attack used to show fake security alerts on the websites made, claiming that the user’s computer ‘compromise’ and ‘locked’ had become ‘. Attackers used to ask users to enter their home Windows username and password, while the wrong code used to freeze the webpage, causing the confusion of computer lock. These fishing pages were hosted on Microsoft’s Home Windows.WEB platforms, making them legal and escaped from traditional security solutions.
However, the report suggests that these attacks saw a decline of 90% in these attacks after the rollout of the new security features by Microsoft, Chrome and Firefox. In response, the attackers re -upgraded their campaign to target MAC users. The firm says that this time in new fishing efforts, page layouts and messages were designed to look valid for MAC users and the code was specifically changed to target Macos and Safari users. Attackers continued to use the Home Windows.WEB infrastructure, causing confusion of validity.
The report says that the victims were redirected on the fishing page through the domain ‘parking’ page. For example, if the user put the wrong URL of a website, they were taken to a compromised domain parking page, which quickly took them to the fishing page. In a special case, a MACOS and Safari user, who was working for an enterprise customer of Layerx, fell victim to this attack. However, the firm used a Secure Web Gateway (SWG), which escaped the attack. However, Layerx’s AI-based identification system identified the attack by announcing the web page and stopped it before any damage.
Layerx Labs estimates that in the coming weeks or months, the attack can emerge again by understanding the new security solution, which indicates that the way to completely escape from the rapid advanced hackers is quite difficult.
