Phishing scammers exploit Wix web hosting
Cybercriminals like to subvert legitimate online services like Google Docs and Dropbox to carry out their malicious activities. The free website hosting company Wix is the latest addition to the list of services they've abused.
Researchers from security company Cyren found that scammers were creating phishing sites designed to harvest Office 365 login credentials via Wix, which offers a simple click-and-drag editor for building web pages. As typically happens with free services, the criminals are taking advantage of these tools to carry out their operations.
The phishing site looks like a new browser window open to an Office 365 login page. In fact, it's a screenshot of an Office 365 login page with editable fields overlaid on the image. Users who think the site is legitimate enter their login credentials, but the information goes into the fields on the overlay, not into the actual Office 365 page.
On the desktop, the overlay lines up well, but the fact that the fields are separate from the image is much more obvious on a mobile device, Cyren said.
The criminals are also thinking of ways to stay under Wix's radar. For example, there's no text on the page—it's all one image—and the password field is misspelled as "passvvord." The attackers may have made these decisions on the assumption that Wix has an automated scanning process that checks the site content to flag potentially bad sites.
The attackers may have designed the pages to make the user think something had opened a new browser window, said Cyren researcher Avi Turiel. It could also be a mark of laziness, with the attacker taking a screenshot of the original login page and not bothering to edit the image. "Maybe it's a trial to see if it works, so less effort was put into it," Turiel said.
Criminals like to host malware on cloud storage services or build their attack infrastructure with legitimate providers to bypass common security defenses. Users, even those who've been trained to scrutinize links for potential spam or phishing attacks, don't think twice about clicking on links to popular domains and services because they're conditioned to working with those tools. Organizations also can't outright block popular domains and service providers that are widely adopted. In some cases, web security products may not even scan the URLs because the products are considered trusted.
It also helps that these services are free. Attackers get the benefit of a valid domain without having to spend any money.
Cyren didn't know how users were being sent to the Wix pages. A browser redirect or a social engineering campaign could be directing them to the site. The malicious pages have been reported to Wix, but administrators have to stop thinking of certain sites as trusted. Even the most benign site can be used maliciously.
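One way to act on that advice, as an added example that is not from Cyren, Wix or the original article: a Python heuristic that flags a page combining the traits described above (an image, a credential field, almost no visible text, a look-alike spelling such as "passvvord") no matter which host serves it. The sample pages, the 40-character text threshold and the extra look-alike substitutions are assumptions made for illustration.

```python
from html.parser import HTMLParser

class PageFeatures(HTMLParser):
    """Collect what the article describes: images, input fields, visible text."""
    def __init__(self):
        super().__init__()
        self.images = self.text_chars = self._skip = 0
        self.inputs = []  # (type, lower-cased name/id/placeholder) per visible field

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag in ("script", "style"):
            self._skip += 1
        elif tag == "img":
            self.images += 1
        elif tag == "input" and (a.get("type") or "text").lower() != "hidden":
            label = " ".join(a.get(k) or "" for k in ("name", "id", "placeholder"))
            self.inputs.append(((a.get("type") or "text").lower(), label.lower()))

    def handle_endtag(self, tag):
        if tag in ("script", "style") and self._skip:
            self._skip -= 1

    def handle_data(self, data):
        if not self._skip:  # ignore script and style bodies
            self.text_chars += len(data.strip())

def normalise(label):  # fold look-alikes: 'vv' for 'w', '0' for 'o', '1' for 'l'
    return label.replace("vv", "w").translate(str.maketrans("01", "ol"))

def score_page(html, max_text_chars=40):
    """Return the reasons a page resembles the screenshot-plus-overlay lure."""
    page = PageFeatures()
    page.feed(html)
    page.close()  # flush any trailing text
    reasons = []
    cred = [lbl for typ, lbl in page.inputs if typ == "password" or "password" in normalise(lbl)]
    if cred and page.images and page.text_chars <= max_text_chars:
        reasons.append("credential field over an image with almost no text")
    if any("password" in normalise(lbl) and "password" not in lbl for _, lbl in page.inputs):
        reasons.append("look-alike spelling of 'password'")
    return reasons

# Constructed sample pages (not taken from the reported sites).
SUSPECT = ('<div style="position:relative"><img src="login-screenshot.png">'
           '<input type="text" name="email"><input type="text" name="passvvord"></div>')
BENIGN = ('<h1>Sign in to Example Portal</h1><p>Enter your account e-mail and password.</p>'
          '<input type="password" name="password"><img src="logo.png">')
if __name__ == "__main__":
    print(score_page(SUSPECT), score_page(BENIGN))
```

A check like this belongs in a proxy or mail-gateway pipeline as one signal among several, since image-heavy login pages also exist on legitimate sites.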
Source: Phishing scammers exploit Wix web hosting