Humanitarian Cyber Surge, Unsubscribe Scam Alert, SEO Boosts Phishing
Hey people! We are three weeks down in June, just like that! With that, we bring to you the third bulletin of the month. Are you excited to stay up-to-date about the latest cyber incidents happening around the globe? If yes, here’s the good news. We are back with our fresh dose of global cyber facts. This week, we will talk about how cybercrooks are using SEO tactics to push phishing pages high up the search results. Also, our focus will be on the new Gmail scam. Lastly, we will discuss the steep rise in the incidents of cyberattacks on humanitarian organizations.
So, if you are all set to dive deeper, let’s get started!
Global humanitarian organizations see a steep rise in cyber incidents!
There has been a massive 241% spike in the number of cyberattacks on humanitarian organizations worldwide in just 12 months. Distributed Denial of Service or DDoS is the most dominant form of attacks. CyberPeace Institute, an entity that gathers data and information around cyber conflicts, shared that opportunistic attacks are becoming the new normal for nonprofit enterprises.
Since nonprofit organizations operate on a low budget, it is difficult for them to set up high-end cybersecurity systems. Only 15% of all global humanitarian organizations have a cybersecurity expert on board. Journalism entities, social welfare organizations, environmental and humanitarian entities are being attacked left, right, and center by threat actors.
Nonprofit organizations are not only ‘cyber poor’ but also the prime targets of repressive government regimes, political hacktivists and foreign adversaries.
Journalism organizations are the worst hit among all the nonprofit entities in the last month. What’s worse is that cyberattacks are getting more sophisticated with every attempt. Cybercrooks are even using deepfakes to wipe away sensitive data.
The only way out is to have a solid cybersecurity mechanism in place to combat the increasing number of cyber incidents. Cybersecurity systems use DMARC, DKIM, and SPF protocols to authenticate emails, prevent spoofing, and protect against phishing attacks.
You may want to think twice before hitting that ‘Unsubscribe’ button- New scam alert!
Phishing attacks are on the rise in Gmail as well as other email systems. Cybercrooks are using malicious ‘Unsubscribe’ links to carry out phishing attacks and information theft. Clicking on these fraudulent links will redirect users to fake pages and phishing sites, potentially compromising personal details.
Threat actors have discovered a new scam in which they add tracking codes to unsubscribe buttons in emails. These tracking codes enable cybercrooks to determine whether or not the account is active. They then sell out the active email IDs in dark forums at premium pricing. The CTO at DNSFilter claims that 1 out of 644 unsubscribe buttons is likely to contain tracking code, and it can successfully redirect unaware users to phishing sites.
The best way to prevent being scammed through a malicious unsubscribe link is to use the ‘in-app unsubscribe’ feature that you get with Outlook or Gmail.
Cyberattackers are using search engine optimization to rank the phishing pages high in SERPs!
If you think search engine optimization or SEO is just meant for boosting traffic to your website, you need to know this: Threat actors have started using SEO to push phishing pages up the search engine results. Researchers have found that threat actors are using code-injected web pages in order to manipulate the search engines so that the algorithm pushes the compromised content and redirects the users to phishing sites.
Andrew Sebborn, an analyst at Netcraft, believes that cyberattackers inject legitimate web pages with embedded JavaScript and URL keywords that can redirect unaware users to malicious pages. The injected content tends to be subtle and can easily evade detection. It easily manipulates Google’s PageRank system. Threat actors often choose sites with high DA value, such as .gov, .edu, and Country Code TLDs. Google assumes that such domains are of great relevance and prioritizes these pages in search engine page results.
The Netcraft researchers have found out that SEO optimization services for carrying out malicious activities are being offered for as little as $1 per site. Apart from injecting legitimate pages, these SEO services also include adding selected phrases and keywords to the pages in order to generate search engine traffic and get visibility high up in the search results.
The ultimate goal of the cybercrooks is to keep the users unaware of the attack and convince them that they are being directed to a legitimate search results page. Such attacks are designed to harvest personal and sensitive data from users, including login credentials, bank account numbers, credit card details, and more.
Cyberawareness is, therefore, no longer a luxury but a necessity in today’s time. Next time you proceed to click on a top-ranking search result, make sure you take a close look at the URL and meta description. If there’s any anomaly or irregularity, simply avoid clicking on the link.
