The phishing is still a very profitable technique for crooks, phishers try to improve old tactic in a new fashion in order to steal victims’ information.
One of the most common suggestions to mitigate phishing attacks is to inspect the links in a mail to see if they reference to the website where you would expect them to point. Although good advice, this is NOT a guarantee that you are going to be safe.
Unfortunately, this is not enough to protect users, It is important never follow the URLs included in the emails or attachments.
The phishing page used in the attack spotted by the researchers is hosted on www[dot]egypt-trips[dot]co which seems to be an unused website running a WordPress CMS.
This technique could be very insidious if the attackers also hosted the phishing page on a website that appears as legitimate, for example http://paypalnew.com.
“Now if the phishers were intelligent enough to put this on a website with a half believable URL, something like http://paypalnew.com which was used in a series of Phishing attacks yesterday, we would be in trouble, because users wouldn’t realise that they were giving their details to a phisher.
Luckily enough, there are enough warning bells with this particular one to prevent most people falling for it, but some always do.” closes the post.
In this specific case, the site owner was already contacted by the expert.
(Security Affairs – Phishing, PayPal)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.