Popular Posts
-
If you're a beginner just starting a WordPress blog, then there's no need to get VPS hosting. A shared hosting plan will provide a...
-
US 01:36 15.04.2016Get short URL Marco Marsala seemingly lost all traces of his company, including the websites that he works with, b...
-
July 17, 2017 by Sajal Chakraborty Learn about Amazon S3 (Simple Storage Service), creating a bucket in AWS S3 and then hosting stat...
-
THOMASVILLE, GA (WALB) - From live music to shopping to enjoying your favorite beer or wine, there will be something for everyone at ...
-
BI Intelligence See Also The Internet of Everything — $12.6 trillion ROI expected over the next decade [SLIDE DECK] T...
-
2017-08-22 Sports News of Tue, 22 Aug 20170 Tamale ready to host 2017 MTN FA Cup final - RFA Chairman File photo Mr. Abdoula...
-
We are presenting the best free web hosting that the world has ever known. Free Unlimited Web Hosting, No Ads, Real cPanel, MySQL, PHP. Crea...
-
CHICAGO, June 20, 2016 /PRNewswire/ -- Paper Source, a Chicago-based specialty retailer and web store, will be hosting a warehouse sale o...
-
WebSite X5 – Evolution is a powerful application which makes it easy to create top-quality responsive websites, even if you've no desi...
-
Managed WordPress hosting provider Pagely is celebrating its 7th birthday, according to an extensive blog post on its history, which goes ...
Blog Archive
- December (19)
- November (25)
- October (28)
- September (26)
- August (28)
- July (31)
- June (26)
- May (27)
- April (28)
- March (30)
- February (28)
- January (31)
- December (31)
- November (30)
- October (31)
- September (29)
- August (44)
- July (56)
- June (53)
- May (54)
- April (48)
- March (55)
- February (44)
- January (3)
- December (5)
- November (5)
- October (26)
- September (25)
- August (29)
- July (26)
- June (18)
- September (1)
About Me
Total Pageviews
Phishing scammers exploit Wix web hosting
Cybercriminals like to subvert legitimate online services like Google Docs and Dropbox to carry out their malicious activities. The free website hosting company Wix is the latest addition to the list of services they've abused.
Researchers from security company Cyren found that scammers were creating phishing sites designed to harvest Office 365 login credentials via Wix, which offers a simple click-and-drag editor for building web pages. As typically happens with free services, the criminals are taking advantage of these tools to carry out their operations.
The phishing site looks like a new browser window open to an Office 365 login page. In fact, it's a screenshot of an Office 365 login page with editable fields overlaid on the image. Users would think the site is legitimate and enter the login credentials, except the information is entered into the fields on the overlay and not the actual Office 365 page.
On the desktop, the overlay is fine, but the fact that fields are separate from the image is much more obvious on the mobile device, Cyren said.
The criminals are also thinking of ways to stay under Wix's radar. For example, there's no text on the page—it's all one image—and the password field is misspelled as "passvvord." The attackers may have made these decisions on the assumption that Wix has an automated scanning process that checks the site content to flag potentially bad sites.
The attackers may have designed the pages to make the user think something had opened a new browser window, said Cyren researcher Avi Turiel. It could also be a mark of laziness, with the attacker taking a screenshot of the original login page and not bothering to edit the image. "Maybe it's a trial to see if it works, so less effort was put into it," Turiel said.
Criminals like to host malware on cloud storage services or build their attack infrastructure with legitimate providers to bypass common security defenses. Users—even those who've been trained to scrutinize links for potential spam or phishing attacks—don't think twice about clicking on links to popular domains and services because they're conditioned to working with those tools. Organizations also can't block outright popular domains and service providers that are widely adopted. In some cases, web security products may not even scan the URLs because the products are considered trusted.
It also helps that these services are free. Attackers get the benefit of a valid domain without having to spend any money.
Cyren didn't know how the users are sent to the Wix pages. A browser redirect or a social engineering campaign could be navigating users to the site. The malicious pages have been reported to Wix, but administrators have to stop thinking of certain sites as trusted. Even the most benign site can be used maliciously.
Source: Phishing scammers exploit Wix web hosting
0 comments:
Post a Comment