Mind your header! There’s nothing refreshing about phishers’ latest tactic

September 12, 2024 at 05:24AM

Palo Alto’s Unit 42 threat intel team warns of a rising tactic used by phishers to steal victims’ credentials. They identified over 2,000 large-scale phishing campaigns abusing HTTP header refresh entries to redirect visitors to malicious websites. The phishing attacks primarily target business and economy sectors, highlighting the need for organizations to be more aware of this threat. Phishing remains a common cybercrime, with annual losses exceeding $2.9 billion in 2023.

Key takeaways:

– Unit 42’s threat intel team has identified a growing tactic used by phishers to steal victims’ credentials by embedding malicious URLs in web page response headers, automatically redirecting visitors to malicious sites.
– This tactic has been observed in approximately 2,000 large-scale phishing campaigns between May and July, with instances throughout the year.
– Attackers frequently spoof login pages of well-known vendors to steal user passwords after redirecting users to malicious pages.
– The tactic involves manipulating HTTP refresh entries in response headers to automatically redirect visitors before the initial web page is loaded, making it challenging to detect.
– Organizations in the business and economy sector are the primary targets, followed by the “Other Industries” category and financial services.
– Despite a consistent decline, phishing remains the most common form of cybercrime according to the FBI’s annual report, with business email compromise (BEC) schemes leading to annual losses exceeding $2.9 billion in 2023.
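
A triage check for the header-refresh redirect described above, as an added example that is not from Unit 42 or the original article: it parses the `Refresh` response header and flags responses that send the client to a different host after a short delay. The function names, the `max_delay` threshold and the sample responses are assumptions made for illustration, and a hit is a lead for review, since legitimate sites also use cross-host refreshes.

```python
import re
from urllib.parse import urljoin, urlsplit

# Refresh value as browsers accept it: "<seconds>[;|,] [url=]<target>", target optionally quoted.
_REFRESH = re.compile(
    r"""^\s*(?P<delay>\d+)(?:\.\d*)?\s*(?:[;,]\s*(?:url\s*=\s*)?(?P<q>['"]?)(?P<target>.*?)(?P=q)\s*)?$""",
    re.IGNORECASE,
)

def parse_refresh(value):
    """Return (delay_seconds, target or None), or None if the value is malformed."""
    m = _REFRESH.match(value)
    if not m:
        return None
    return int(m.group("delay")), (m.group("target") or None)

def flag_refresh_redirect(request_url, headers, max_delay=5):
    """Return a finding when a Refresh header moves the client to another host quickly."""
    for name, value in headers:
        if name.lower() != "refresh":
            continue
        parsed = parse_refresh(value)
        if parsed is None or parsed[1] is None:
            continue  # malformed value, or a plain reload of the same page
        delay, target = parsed
        resolved = urljoin(request_url, target)  # relative targets stay on the request host
        src = urlsplit(request_url).hostname
        dst = urlsplit(resolved).hostname
        if dst and dst != src and delay <= max_delay:
            return {"from": src, "to": dst, "delay": delay, "url": resolved}
    return None

# Constructed sample responses: (requested URL, response headers). Hosts are reserved example domains.
SAMPLES = [
    ("https://portal.example.com/doc",
     [("Content-Type", "text/html"), ("Refresh", "0; url=https://login.example.net/signin")]),
    ("https://portal.example.com/home", [("Refresh", "5; /dashboard")]),
    ("https://portal.example.com/status", [("refresh", "30")]),
]

def scan(samples=SAMPLES):
    """Return the findings for every sample response that trips the check."""
    return [f for url, hdrs in samples if (f := flag_refresh_redirect(url, hdrs))]

if __name__ == "__main__":
    for finding in scan():
        print(finding)
```
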
