
Consumers are being victimized by a new phishing trick.
Recently uncovered by researchers, these campaigns embed soft hyphens between each letter of an email subject, according to a report on Fox News by Kurt the CyberGuy.
Filters have improved, but so have the attackers, the CyberGuy adds.
How does this new fraud work?
Through “invisible Unicode characters that normally help with text formatting,” the CyberGuy reports. “They do not show up in your inbox, but they completely throw off keyword-based filters. Attackers use MIME encoded-word formatting to slip these characters into the subject. By encoding it in UTF-8 and Base64, they can weave these hidden characters through the entire phrase.”
By themselves, these scams resemble the traditional ones — on the surface.
For instance, one “analyzed email decoded to 'Your Password is About to Expire' with a soft hyphen tucked between every character. To you, it looks normal. To a security filter, it looks scrambled, with no clear keyword to match.”
The attackers then use the same trick in the body of the email, so both layers slide through without detection. All it takes is “a fake login page sitting on a compromised domain,” the CyberGuy says.
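The mechanics described above (an RFC 2047 encoded-word subject, UTF-8 and Base64, with a soft hyphen between every character of a phrase such as 'Your Password is About to Expire') can be checked from the defender's side. The script below is an added example written for this article, not code from the report or from any mail filter; it builds its own constructed sample subject, decodes it the way a mail client would, counts the invisible format characters, strips them before keyword matching, and shows why a filter that matches on the raw decoded text misses the phrase. The suspicious-phrase list and the hidden-character threshold are assumptions chosen for the demonstration.

```python
import base64
import re
import unicodedata
from email.header import decode_header, make_header

# Invisible format characters commonly inserted to break up keywords.
# U+00AD (soft hyphen) is the one the report describes; the others are
# zero-width characters that serve the same purpose. All are Unicode
# category "Cf" (format), which the checks below also test directly.
INVISIBLE_CHARS = {"\u00ad", "\u200b", "\u200c", "\u200d", "\u2060", "\ufeff"}

# Assumed phrase list for the demonstration; a real filter would have many more.
SUSPICIOUS_PHRASES = [
    "password is about to expire",
    "verify your account",
    "account suspended",
]

# Assumed threshold: a single soft hyphen can be a legitimate hyphenation hint,
# several in one subject line almost never are.
HIDDEN_CHAR_THRESHOLD = 3


def build_constructed_subject(text: str) -> str:
    """Constructed test input: the phrase with a soft hyphen between every
    character, UTF-8 encoded, Base64 encoded, wrapped as an RFC 2047 'B' word."""
    padded = "\u00ad".join(text)
    b64 = base64.b64encode(padded.encode("utf-8")).decode("ascii")
    return f"=?UTF-8?B?{b64}?="


def decode_subject(raw: str) -> str:
    """Decode RFC 2047 encoded-words into the string a mail client displays.
    Plain, unencoded subjects pass through unchanged."""
    return str(make_header(decode_header(raw)))


def count_invisible(text: str) -> int:
    """Number of invisible format characters present in the decoded text."""
    return sum(
        1 for ch in text
        if ch in INVISIBLE_CHARS or unicodedata.category(ch) == "Cf"
    )


def normalize(text: str) -> str:
    """Strip format characters, apply NFKC, collapse whitespace, lowercase.
    Keyword matching must run on this form, not on the raw decoded text."""
    cleaned = "".join(
        ch for ch in text
        if ch not in INVISIBLE_CHARS and unicodedata.category(ch) != "Cf"
    )
    cleaned = unicodedata.normalize("NFKC", cleaned)
    return re.sub(r"\s+", " ", cleaned).strip().lower()


def naive_keyword_match(decoded: str) -> list:
    """What a filter that skips normalization sees: soft hyphens sit between
    the letters, so the phrase never matches."""
    lowered = decoded.lower()
    return [p for p in SUSPICIOUS_PHRASES if p in lowered]


def analyze_subject(raw: str) -> dict:
    """Decode, measure hidden characters, normalize, then match keywords."""
    decoded = decode_subject(raw)
    hidden = count_invisible(decoded)
    normalized = normalize(decoded)
    matches = [p for p in SUSPICIOUS_PHRASES if p in normalized]
    return {
        "decoded": decoded,
        "hidden_count": hidden,
        "normalized": normalized,
        "matches": matches,
        "suspicious": bool(matches) or hidden >= HIDDEN_CHAR_THRESHOLD,
    }


if __name__ == "__main__":
    sample = build_constructed_subject("Your Password is About to Expire")
    print("raw header:      ", sample)
    report = analyze_subject(sample)
    print("naive match:     ", naive_keyword_match(report["decoded"]))
    print("hidden chars:    ", report["hidden_count"])
    print("normalized:      ", report["normalized"])
    print("matches:         ", report["matches"])
    print("suspicious:      ", report["suspicious"])
```

The point of the two-step check is that the hidden-character count is itself a signal: even when a phrase is not on the list, a subject line carrying dozens of soft hyphens has no legitimate reason to exist, so counting format characters after decoding catches variants the keyword list does not know about.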
“If you have ever tried spotting a phishing email, this one still follows the usual script,” the CyberGuy writes. “It builds urgency, claims something is about to expire, and points you to a login page. The difference is in how neatly it dodges the filters you trust.”