Related Articles
A report, from cyber defence company BlueVoyant, has found a 240% increase in email scams targeting users, with phishing scams that are often hard to spot.
The security experts have issued a new warning to everyone who uses the two email sites, saying: “One of the more complicated ways threat actors evade detection involves multiple redirect paths, steering consumers to spoofed domains while redirecting presumed threat hunters or phishing analysts to an error page.
“These evasion mechanisms include User Agent or IP restrictions and blocklisting, with significant emphasis placed on bot and crawler detection.
“The purpose of this type of redirection is to hide the phishing content on a single website by diverting threat hunters elsewhere, i.e. the target’s official domain, a google search, etc.”
The report added: ““Dynamic DNS hosting providers are particularly popular among threat actors because they provide a convenient platform to easily set up and host multiple phishing pages without having to register a domain.
“BlueVoyant has been tracking phishing activity leveraging this infrastructure since 2021, and found that 67% of all phishing attacks were hosted on dynamic DNS infrastructure by the end of that year, demonstrating the infrastructure’s quick adoption and massive scale of use.”
The report also warned of an increase in SMS phishing scams, as fraudsters start to target vulnerable people through text messages.
Offering advice on what to do if you have been targeted by a phishing scam, consumer experts Which? said: “”If you have fallen victim to a scam, contact your bank immediately to suspend your card and account.
“Your bank or building society will then be able to provide specialist support from their scam unit.
“Ultimately, if you have any doubt about the authenticity of a text message or email, it’s probably a scam.
“Take a minute to think about the message; were you expecting it, have you checked for spelling mistakes and double-checked the sender’s address.
“If the email address from the sender doesn’t look like it’s from a genuine address, don’t click on it.
“If you think it is a scam, you can forward the email as an attachment to Action Fraud who will investigate, or alternatively forward it to report@phishing.gov.uk.”
