LinkedIn phishing scam that only works in Firefox, using data:text URLs

Haythem Elmir

We see lots of phishing attempts for email credentials. This one is slightly different from many others and much more involved and complicated. The email has a link to a site that contains base64-encoded data:text content. data:text URLs are dangerous, and Internet Explorer and Google Chrome have recently stopped displaying these URLs or the content from them. That leaves Firefox as the only commonly used browser that is vulnerable to this sort of attack. All the sites involved in this phishing scam look like compromised WordPress sites.
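As an added example (not code from the original article), the following sketch shows how a mail or web gateway could flag pages that carry base64-encoded data:text URLs and check whether the decoded content contains a login form. The function name, the marker patterns and the sample pages are assumptions constructed for illustration.

```python
import base64
import binascii
import re
from urllib.parse import unquote

# data:text/<subtype>[;param...];base64,<payload> as it appears in href/src attributes.
DATA_URL_RE = re.compile(
    r"data:text/[a-z0-9.+-]+(?:;[a-z0-9=._-]+)*;base64,([A-Za-z0-9+/=%]+)",
    re.IGNORECASE,
)
# Assumed heuristic: decoded markup with a form or a password field is worth an alert.
CREDENTIAL_MARKERS = re.compile(rb"<form\b|type\s*=\s*[\"']?password", re.IGNORECASE)


def find_data_url_payloads(html: str) -> list:
    """Return one finding per base64 data:text URL found in the given markup."""
    findings = []
    for match in DATA_URL_RE.finditer(html):
        payload = unquote(match.group(1))        # padding may arrive as %3D
        payload += "=" * (-len(payload) % 4)     # tolerate stripped padding
        try:
            decoded = base64.b64decode(payload)
        except (binascii.Error, ValueError):
            decoded = b""                        # malformed payload: still report the URL
        findings.append({
            "offset": match.start(),
            "decoded_len": len(decoded),
            "credential_form": bool(CREDENTIAL_MARKERS.search(decoded)),
        })
    return findings


# Constructed sample inputs (not taken from the campaign described above).
SAMPLE_FORM = b'<form><input type="password" name="p"></form>'
SAMPLE_LANDING = (
    '<html><body><a href="data:text/html;base64,'
    + base64.b64encode(SAMPLE_FORM).decode()
    + '">View message</a></body></html>'
)
SAMPLE_BENIGN = '<html><body><a href="https://www.linkedin.com/">LinkedIn</a></body></html>'

if __name__ == "__main__":
    for name, page in (("landing", SAMPLE_LANDING), ("benign", SAMPLE_BENIGN)):
        print(name, find_data_url_payloads(page))
```

A finding with `credential_form` set is a strong signal for quarantine, since legitimate sites have little reason to deliver a login form inside a data: URL.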

They use email addresses and subjects that will entice a user to read the email and open the attachment. A very high proportion are targeted at small and medium-sized businesses, in the hope of getting a better response than they do from consumers.

These phishing emails do not come from LinkedIn. LinkedIn is not sending the emails to you; it is just an innocent victim, in exactly the same way as every recipient of these emails.
To read the original article:
