Traditional phishing emails have followed the same set-up for decades – a malicious attachment or URL embedded in the email.
However, according to a new report featured in ITWire, URL-based dominance is a growing trend over phishing attachments and 4x more likely to reach users, particularly high-profile secure email gateways (SEGs).
There are three popular engagement methods threat actors use when phishing URLs are utilized: Trusted Domains (cloud services), Openly Available Services (free or cheap hosting platforms), and Multiple Redirects (chains of malicious URLS). In other words, threat actors manipulate the service to access the information they seek.
One way of doing this involves the type of attachment. Cofense claims the three most vulnerable attachments to phishing files are Password Protected Files, Unfamiliar Attachments, and Encoded Files.
Fortunately, there are preventative measures to secure one’s inbox. Avanan uses a Zero-Phishing technology that emulates websites behind the URL to detect zero-day phishing sites, i.e., all links are treated as potential threats and are inspected using multiple engines.
For instance, domains are checked for legitimacy and reputation data, while searching for keywords, brands, deceptive URL characteristics, or parameters associated with phishing kits. Zero-Phishing technology checks and emulates the target URL when the user clicks on the link. The URL is then rewritten in an attachment, replaced with an Avanan URL, and tested before redirecting the user. The user is notified by a tooltip with the original URL indicating the link is protected by Avanan’s technology. Thus, if it is benign, the user continues without interruption. If it is malicious, the user is forwarded to a warning page.
Put simply, “traditional phishing emails…have the objective of stealing credentials or delivering malware,” two objectives that embedded URLs can achieve. However, through Avanan’s Zero-Phishing Technology, anxiety for clicking the next URL link that reaches your inbox becomes non-existent.