Latest Phishing Scan is Hiding Behind Custom Fonts
January 07, 2019
Researchers have discovered yet
According to cyber security researchers at Proofpoint, the new phishing method, targeting a major US bank with hopes of obtaining credentials, uses a ‘never-before-seen’ technique that takes advantage of custom fonts to evade detection. Once the phishing link has been accessed, the victim is led to an official ‘looking’ login page for the US bank – but in actual fact, includes encoded display text (even after being copied and pasted into a word file) and is set-up to steal your data.
Code snippet from phishing landing page with encoded display text
Is Broadcom about to shake up the Symantec enterprise following its acquisition or does this kick start the end of the line for Symantec.
Secrutiny is hosting an intimate breakfast briefing for cyber security leaders in London on Thursday, 28th November. Join us to discover how, with a bit of extension and instrumentation, the ecosystem of controls that you already have can form the basis of an evidential, prioritised cyber risk management programme. Learn more and register…
Managing security risks and responding to incidents are significant operational tasks, and the speed at which you react is crucial. Take a look at how to regain control in our latest blog post which highlights the importance of Context, Visibility and Control.