Using email to trick users is something that hackers have done for ages, but they usually find themselves tucked away in the spam folder where they belong, or blocked entirely by enterprise-level content filters. Hackers, however, are a crafty lot, and they have discovered ways to break through these measures through the use of a surprising third party: social media websites.
Spam blockers are primarily successful because they can examine the content of messages and determine whether they are authentic or not. One way it does this is by looking at the links within the email’s body. If the links are authentic and go to known “safe” websites, then it will almost certainly make it through the content filter, even if it’s not necessarily safe.
Hackers can exploit this weakness by using certain sites to bypass the spam blockers, almost like a middle-man. They might use a social media website to write a post that contains a suspicious link, then send an email with a link to that post using the social media’s sharing capabilities. This effectively masks the suspicious link behind the apparently secure one used by the social media platform.
This creative approach is one that must be taken seriously, especially since it is currently being used to spread threats. A recent campaign using Facebook as a delivery mechanism showcases just how this method can be used to mask phishing attacks. In this case, hackers might send a victim an email message suggesting that the user has violated their terms of service. When the victim clicks on the link in the email, they are taken to a legitimate Facebook post that discusses issues that must be resolved. The post prompts the user to click on a phishing link, and, well… you know the rest.
Case in point, you should never trust links in your email inbox by default, even if they are from seemingly legitimate sources. Phishing can happen when you least expect it, even while on social media websites or support forums. If you think a link looks just a little too sketchy for your preference, it never hurts to have a security professional like the folks at Fuse Networks take a look at it. We can review the contents of messages to determine if they are legitimate or threatening.
Of course, the best way to prevent the majority of attacks is through the implementation of a spam blocker, and we can help you with that, too. With our unified threat management tools, you can leverage enterprise-grade security solutions without the hefty price tag associated with them. To learn more, reach out to us at 855-GET-FUSE (438-3873).