Latest Phishing Scan is Hiding Behind Custom Fonts
January 07, 2019
Researchers have discovered yet
According to cyber security researchers at Proofpoint, the new phishing method, targeting a major US bank with hopes of obtaining credentials, uses a ‘never-before-seen’ technique that takes advantage of custom fonts to evade detection. Once the phishing link has been accessed, the victim is led to an official ‘looking’ login page for the US bank – but in actual fact, includes encoded display text (even after being copied and pasted into a word file) and is set-up to steal your data.
Code snippet from phishing landing page with encoded display text
Obsolete software and exposed VPNs come with a host of security vulnerabilities. Understand the dangers and how to secure them in the age of remote work.
74% of breaches involve a privileged account, yet only 3/10 organisations have implemented a PAM solution. Are your privileged accounts at risk?
Domain impersonation is increasingly becoming a problem which targets businesses and their customers. Phishing attackers are now advancing their level of sophistication by utilising domain impersonation as part of BEC scams that can result in CEO fraud, malware infection, or ransom.