Threat actors are deploying increasingly targeted credential exfiltration attacks through precision-validated phishing, which uses real-time email validation to ensure that only active addresses are served the fake login pages, Infosecurity Magazine reports.
Attacks facilitating precision-validated credential theft, one of which involved email redirection to Wikipedia and other sites, entailed the exploitation of legitimate email verification APIs to allow instant email address confirmation, as well as the concealment of malicious scripts that alert attacker servers and conduct email validation prior to password prompting, according to a Cofense report. Because intrusions using the technique dismiss non-matching emails, automated crawlers, sandbox environments, and other defenses could not detect the malicious activity. Investigation into such attacks is also being hampered by seemingly harmless phishing pages, said researchers, who have urged organizations to implement anomaly detection and behavioral analytics to avert potential compromise.




