Even mobile sensors can become phishing attacks
The complexity and sophistication of cyberattacks are always in line with the development of the internet world.
The complexity and sophistication of cyberattacks are always in line with the development of the internet world. Recently, an international security expert group discovered that a hacker is using a new and unique technique to launch a phishing attack in a way that is less unexpected, that is, misuse of the sensor system. built into the smartphone as a support tool.
Abuse mobile sensors as a phishing attack tool
According to a report by security experts from cybersecurity organization PhishLabs, such attacks will abuse a feature available in some popular web browsers, allowing identification and information gathering. on the direction and movement of the device. In other words, this type of phishing attack will abuse two types of sensors built into every mobile phone, tablet: Gyroscope and accelerometer.
'By checking the presence and status of these types of control sensors, a website can identify mobile device information and give corresponding responses,' the PhishLabs report said. .
Method of implementation
A typical mobile sensor-based attack will start with a fake text message, usually from a financial institution or reputable brand. The attacker will attach to this phishing message a malicious URL, and trick the victim into clicking on this link using typical social techniques.
Usually, after clicking on a malicious link, the victim will be redirected to an empty website. By reflex, the victim will close the tab containing the empty website and continue to click on the link again. On this second visit, the result will be a 404 response from the server. This shows that attackers are taking advantage of multiple layers of countermeasures to stay undetected.
So how do mobile sensors play a role? Malicious agents will use calls to the gyroscope and accelerometer to determine what type of device the victim is using, collect some relevant information, and then use the data collected. to deploy the most optimal attack plan.
You should read it
- Summary of popular network attacks today
- More than 1.7 billion cyber attacks in 2013
- The 4 most popular network attacks towards older people in 2018
- How to protect yourself from phishing attacks via mobile phones
- New phishing attacks appear to use Google Translate as a disguise
- Android operating system is the top target of hackers
- Mobile security with Kaspersky Mobile Security 9
- Hacker purged two-factor security just by automated phishing attacks
- Hackers use banks as a starting point for phishing attacks
- Instructions for installing mobile networks on Windows 10
- What is Duo Mobile? Is it safe to use Duo Mobile?
- DNS attacks are costing governments worldwide huge amounts