Weekly Tip! EvilProxy and URLs

Weekly Tip! EvilProxy and URLs

About a week ago, researchers uncovered a new "phishing-for-hire" tool called EvilProxy. The tool sends standard phishing emails to recipients, but it implements some advanced hacking techniques to dramatically increase the odds of taking over your account - from GMail/Office 365 to GitHub, Amazon, and anything else that offers value to an attacker.

There is no known solution to 100% prevent this attack.

So it's very important this month that we all step back, slow down, and pay very close attention to what we do in email. EvilProxy works by sending you a phishing email that looks legit, but has spoofed and harmful links. For instance:
- Instead of support.google.com, the link may send you to support-google.com (very subtle difference)
- Instead of microsoft.com, the link may send you to micros0ft.com (or another URL where a number is substituted for a letter).
- The link may actually send you to an "IP address," which is a series of numbers that identifies a server on the Internet. For instance,

Your safest bet is, no matter what the email is or what the subject is, to manually navigate to your account on whatever service is linked to in the email. For instance if you recieve an email with a login link for a banking account at Wells Fargo, don't click the link in email. Instead, open a new browser tab and manually enter Wells Fargo's web address.

Another tip: if you receive an email, click a link, and are prompted to enter credentials, don't. If you receive an email, click a link, enter your credentials and are prompted to provide your multi-factor authentication code, don't. As mentioned above, in a new browser tab navigate to the service and log in manualy.

    • Related Articles

    • Weekly Tip! Using Attachments

      Phishers aren't really as bright as you might think - they just know how to reuse what works. One of their favorite tricks is to attach a file to an email, and trick us into opening the attachment. While it may appear to be a PDF document or a Word ...
    • Weekly Tip! Watch Out for Bank Phishing Scams

      Many people see email as a convenient and effective way to receive information. Popular banks have even started using email as a primary method of communication to send account updates to their customers. Now, cybercriminals are imitating banks in ...
    • Weekly Tip! IT or Cybercriminal?

      Coinbase, a cryptocurrency platform, was the latest victim of a social engineering attack. Social engineering occurs when cybercriminals manipulate you to try to steal your sensitive information. In this recent attack, a cybercriminal sent smishing ...
    • Weekly Tip! Fraudulent Funds Transfers

      Organizations often use email to send their employees invoices that they need to pay. Now, cybercriminals are taking advantage of this process by using fraudulent funds transfer (FFT) scams. In FFT scams, cybercriminals try to manipulate you into ...
    • Weekly Tip! Disaster Relief Scams

      When a natural disaster strikes, many people rely on insurance providers for disaster relief to help them pay for damages to property. Unfortunately, cybercriminals can take advantage of this vulnerable situation by manipulating you into sharing ...