A new phishing campaign impersonating Google Translate has been discovered to deceive victims.
The campaign was monitored by cybersecurity researchers from Afanan, and they found several phishing emails, some of which were written in Spanish.
The emails are consistent with what one would expect from a phishing attack, as they allegedly came from the victim’s email provider, explaining that identification (Opens in a new tab) It is not confirmed, and unless they act immediately, they will lose access to unread messages.
Lots of javascript
This is a common practice with phishing emails, the researchers say, because a sense of urgency causes people to act irrationally and recklessly, making them more likely to click on a malicious link or download a malicious attachment.
To “confirm” their identity, victims are asked to click on the link in the email itself. Those who fall for the scam and click on the link are redirected to a page that looks like Google Translate (which it isn’t). However, at the top of the page there is a login popup box, where victims have to enter their credentials. user name/The password (Opens in a new tab) The combination entered there goes directly to the attackers.
The fake translation page looks completely real, the researchers say, adding that the attackers used “a lot of JavaScript” to make it happen. It was also said that they included the Unescape command to conceal their true intentions.
Experts concluded, “This attack has a little bit of everything.” “It has a unique front-end social engineering. It makes use of a legitimate site to help access the inbox. It uses deception and obfuscation to confuse security services.”
The researchers warn that users need to be extra vigilant to defend against such attacks.
As a general rule, emails that require urgent action from the user are most likely phishing attacks and should be handled with extreme caution.