The innovative approach, known as “picture in picture,” capitalizes on users’ trust in familiar logos and promotions, making the attacks more convincing and harder to detect.
In a recent phishing campaign, hackers have employed sophisticated obfuscation tactics to deceive unsuspecting users into visiting malicious websites and disclosing sensitive information.
What makes this campaign unique is the technique where threat actors hide malicious links within seemingly innocuous images, particularly targeting customers of renowned brands such as Delta Airlines and Kohl’s.
The innovative approach, known as “picture in picture,” capitalizes on users’ trust in familiar logos and promotions, making the attacks more convincing and harder to detect.
Avanan, a subsidiary of Check Point Software, has been investigating these attacks, shedding light on the methods used by hackers to manipulate users’ perception of legitimacy. By embedding nefarious URLs within promotional images, cybercriminals exploit the limitations of URL filters, making it challenging for security systems to identify the threats.
When users receive an email containing the image, they are enticed to click on it, assuming they are accessing a legitimate offer or loyalty program. However, upon clicking, they are redirected to fake websites aimed at harvesting their credentials.
Jeremy Fuchs, a cybersecurity researcher and analyst at Avanan, explained, “Often, hackers will happily link a file, image, or QR code to something malicious. You can see the true intention by using OCR to convert the images to text or parsing QR codes and decoding them. But many security services don’t or can’t do this.”
The implications of these attacks extend beyond individual consumers, as airline loyalty program communications often reach corporate inboxes. With the rise of remote work, many employees use personal devices for business purposes or access personal services on business-issued laptops, making businesses vulnerable to these phishing attempts.
Another concerning trend observed in phishing attacks is the use of generative artificial intelligence (AI) to create convincing replicas of legitimate emails and promotional materials. As AI technology advances, the ability to produce realistic images and imitate authentic brand communications becomes easier for threat actors. This poses a significant challenge for end-users, as these AI-enabled attacks leave little room for detection.
RELATED ARTICLES
- How to detect phishing images in emails
- Blank Image Attack: Blank images used to drop malware
- Alert: Scammers Pose as ChatGPT in New Phishing Scam
- Facebook phishing scam use x-rated Images to steal data
- Images taken by JWST telescope used in spreading malware