A new phishing attack has been going on that uses a new invention of Google Drawings plus WhatsApp-generated links to deceive the target, resulting in the compromise of sensitive personal data. In fact, this is at the root of a much larger trend—in which fraudsters leverage popular platforms to circumvent existing security measures and, as such, end up posing massive threats to individuals and organizations.
How the Attack Works?
This attack starts with a phishing email, with one of the disguises the email might take on being an apparent Amazon emergency mail. The email, in turn, redirects the user to a Google Drawings URL that hosts an image of an Amazon account verification link.
When the victim clicks the link, a spoofed Amazon login page will appear in which the victim is prompted to enter their credentials and further personal detail. The attackers used a double layer of URL obfuscation to make the attack more believable.
The first one is through the WhatsApp URL shortener, l.wl.co, while the second is likely to be another service, like qrco.de. This, in conjunction with the aforementioned URI suffix, plays a role in helping the phishing page to go undetected by security scanners and therefore achieves a more legitimate appearance to the link.
Lastly, after the information on the user is harvested, they are sent to the real Amazon login page. Since the phishing page is automatically removed from the same IP address used to access it once the credentials have been captured, this adds one more layer to any detection and suppression.
Security Implications
This attack reflects the growing sophistication of phishing attacks, with the perpetrators exploiting trusted services in the course of their criminal enterprise. By leveraging tools like Google Drawings and WhatsApp, the attackers effectively bypass a majority of the traditional security controls organizations have in place; consequently, these attacks are much harder to catch in the early stages. However, organizations of this kind should have security provisions that are more advanced than just email filtering and URL scanning. The best security solution out there is PureWL, which has stood firm in the face of these phishing attacks.
With its high levels of threat detection and real-time URL analysis, PureWL ensures that businesses remain a step ahead of even the most sophisticated phishing attempts and protect their users. By using PureWL, businesses can shield employees from the advancing threats, keeping their operations safe with no harm and ensuring safety for sensitive information.
Preventative Measures
Against this and other phishing tactics, users need to take an extreme level of care while interacting with emails that seek them to click links, especially if the reasons are alarming or the source sounds credible. Organizations can implement PureWL along with other security solutions to strengthen their defenses against these sophisticated threats within their cybersecurity framework.
This emphasizes educating the employees about the risks involved in phishing and how to suspect a possible scam. Periodic training and very regular updates of new techniques can help users know when not to fall prey to these attacks.
Conclusion
As the phishing attacks get more advanced using tools such as Google Drawings and WhatsApp, even individual and organization users must be at least one step ahead of these menaces. The culture of vigilance and education is therefore possible to uphold in the protection of sensitive information by embracing advanced security measures such as those provided by PureWL.