• Trend Micro
  • About TrendLabs Security Intelligence Blog
Search:
  • Home
  • Categories
    • Ransomware
    • Vulnerabilities
    • Exploits
    • Targeted Attacks
    • Deep Web
    • Mobile
    • Internet of Things
    • Malware
    • Bad Sites
    • Spam
    • Botnets
    • Social
    • Open source
Home   »   Bad Sites   »   Phishers Cast Wider Net, Now Asking for Multiple Emails

Phishers Cast Wider Net, Now Asking for Multiple Emails

  • Posted on:May 12, 2014 at 4:53 pm
  • Posted in:Bad Sites
  • Author:
    Abigail Villarin (Fraud Analyst)
0

From a security perspective, phishing attempts are pretty much old hat. In most cases, phishing attempts or attacks focus on getting one particular credential, such as those for credit cards or user accounts. We are now seeing cybercriminals attempt to get more credentials by using phishing pages that allow for multiple email logins.

Multiple Logins Allowed

We came across some shortened URLs that lead users are lead to phishing pages that mimic popular sites, including Facebook, Google Docs (now known as Google Drive), OneDrive, and several property websites. In order to proceed, users must log in using their email address.


Figure 1. Log in page featuring different email providers

The unique feature about these phishing pages is that they include options for several email providers. Users can log in using any of their accounts in Yahoo, Gmail, AOL, and Windows Live. There is even an ā€œother emailsā€ option, in case the user’s preferred email provider is not given. It’s interesting to note that the pages accept any words or even gibberish typed in—a sure sign that the pages are more concerned with collecting data.


Figure 2. “Other emails” gives users more options to supposedly log in

After signing in, users may encounter a ā€œloadingā€ or ā€œserver errorā€ notification before they are led to the actual site. For example, users who visit the ā€œGoogle Docsā€ site are led to a shared document about intentions for prayers.


Figure 3. Document hosted in Google Docs

Phishing Steps Up

This particular phishing scheme shows that cybercriminals are still refining their techniques. In this case, the cybercriminals took the extra steps to make sure the scheme appears as legitimate as possible (e.g., the redirection to legitimate sites, the use of an actual document for Google Docs).

Users should be wary of clicking shortened URLs, especially if they come from unverified sources. It’s recommended that they simply use bookmarks or type in the site’s URL directly into the address bar to avoid phishing pages. They should also double-check a site’s URL before they give out any user information; it has become all too easy for bad guys to create login pages that are near-identical to legitimate ones.

Trend Micro blocks all threats related toĀ this incident.

Learn how to protect Enterprises, Small Businesses, and Home Users from ransomware:
ENTERPRISE Ā»
SMALL BUSINESSĀ»
HOMEĀ»
Tags: AOLGmailphishingwindows liveYAhoo

Security Predictions for 2020

  • Cybersecurity in 2020 will be viewed through many lenses — from differing attacker motivations and cybercriminal arsenal to technological developments and global threat intelligence — only so defenders can keep up with the broad range of threats.
    Read our security predictions for 2020.

Business Process Compromise

  • Attackers are starting to invest in long-term operations that target specific processes enterprises rely on. They scout for vulnerable practices, susceptible systems and operational loopholes that they can leverage or abuse. To learn more, read our Security 101: Business Process Compromise.

Recent Posts

  • Our New Blog
  • How Unsecure gRPC Implementations Can Compromise APIs, Applications
  • XCSSET Mac Malware: Infects Xcode Projects, Performs UXSS Attack on Safari, Other Browsers, Leverages Zero-day Exploits
  • August Patch Tuesday Fixes Critical IE, Important Windows Vulnerabilities Exploited in the Wild
  • Water Nue Phishing Campaign Targets C-Suite’s Office 365 Accounts

Popular Posts

Sorry. No data so far.

Stay Updated

  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, ę—„ęœ¬, ėŒ€ķ•œėÆ¼źµ­, å°ē£
  • Latin America Region (LAR): Brasil, MĆ©xico
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Ɩsterreich / Schweiz, Italia, Š Š¾ŃŃŠøŃ, EspaƱa, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © Trend Micro Incorporated. All rights reserved.