99 Phishing Sites but Microsoft Did Not Leave One

A phishing website is a wonderful instrument for virtual schemers. Once a phishing website is set up, the attackers can trick gullible visitors into disclosing personal information or interacting with unreliable or even malicious content (e.g., links, buttons, and ads). While schemers can build unique phishing websites, they also can build websites that look similar or even identical to well-known and popular ones. In this report, we focus on the websites that were using the good name of Microsoft to lure in victims. Recently, the company revealed on its blog that it took control of 99 websites linked to a malicious hacking group. Continue reading, and you will learn how to recognize phishing websites, as well as how to protect your virtual identity against vicious schemers.

Microsoft vs. Phosphorus

Phosphorus is one of the names that a hacking group believed to be from Iran is known by. Other aliases include Ajax, APT 35, and Charming Kitten. This group is responsible for the 99 websites that have been taken down, and that was done after a court ruling of the U.S. District Court for Washington D.C. According to Microsoft, the group was tracked by the Microsoft’s Digital Crimes Unit and the Microsoft Threat Intelligence Center since 2013, and by taking over the malicious websites, they were able to stop successful cyberattacks. The domains of these websites used URLs similar to those of Microsoft websites, but, of course, they were set up to work as phishing tools, and it is reported that these websites were either used to extract passwords and sensitive information or drop malware.

According to the Microsoft blog post, Phosphorus would perform spear-phishing attacks using social engineering scams to lure users in. The targeted users would be tricked into clicking on corrupted links – in some cases, sent via fake social media profiles – that would redirect to malicious websites and help the criminals perform successful phishing attacks. The schemers could also send misleading spam emails warning the targets about alleged security issues and, later on, push them to disclose login credentials via fake web forms. It is not surprising that to make the phishing attack less suspicious, the attackers chose to set up fake websites. When a scam website looks like Microsoft website, the victim is automatically less cautious. The company informed that phishing attacks by Phosphorus were delivered using websites whose URLs included the names of legitimate websites, including myaccount-services.net, outlook-verify.net, verification-live.com, and yahoo-verify.net.

Now, if you accidentally visit one of the 99 malicious websites used in phishing attacks by Phosphorus, you are automatically redirected the Digital Crime Unit’s sinkhole. Unfortunately, that does not mean that this is the end for all phishing attacks from this group of hackers. The process of tracking malicious phishing websites and then taking them down is not straightforward, and hackers always have room to evolve. At the end of the day, it is hard to say, how many new malicious phishing websites could be set up, as well as which other methods the attackers could use to terrorize gullible users. If you believe that you might have become a victim of Phosphorus attackers, scan your operating system to check for silently active malware and also change your sensitive passwords immediately. We recommend implementing a tool called Cyclonis Password Manager to help you assess existing passwords, generate stronger passwords where needed, as well as encrypt them to ensure protection against cyber attackers.

What to do if a scam website looks like Microsoft website?

Virtual scams are the driving power of the cybercrime world. Whether they like it or not, schemers need disguises in order to trick people online, and that is where the scams come in. In most cases, the attackers rely on fictitious websites. Whether you click a misleading ad or a malicious link sent to you via email, you have to be redirected to somewhere. Unfortunately, phishing websites can look completely inconspicuous, and you might be trapped before you know it, which is why it is essential that you learn how to identify virtual scams and also learn about the ways to ensure protection. Before we move on – if you ever come across a website that, clearly, is used for phishing attacks, you should report it ASAP. Also, note that not all scam websites look like Microsoft websites. Virtually, any website could be cloned.

Signs of a phishing website:

  • The URL is incorrect. Beware of slight modifications that might confuse you, such as microsft.com instead of microsoft.com, and also beware of fake URLs that might seem official. For example, while microsoft.support.com might seem like a legitimate website, it is not.
  • Take notice of the certification. Have you noticed the green padlock icon attached to the URL? This is the website’s certification. If you come across a website that does not have this green padlock, close it immediately. On the other hand, you cannot trust this icon blindly either.
  • Take the “Not Secure” warning seriously. The “Not Secure” icon might be presented in place of the green padlock. If that happens, the website should not be trusted. In the same vein, you should not ignore your browser’s warnings that might prevent access to malicious websites.
  • The interface is unfamiliar. If you visit a website you think you are familiar with, and you immediately notice changes in the interface, do not automatically assume that the website was updated. Always consider the possibility that you have visited a malicious website.
  • HTTP vs. HTTPS. You have to check whether the URL of the website you are visiting starts with HTTP or HTTPS. Even though this might seem like a minuscule detail, it is important. You should continue reading HERE to learn more about the differences between these two protocols.
  • Demands sensitive data. If you visit a website that persistently demands to enter a password or other sensitive information, there is a good chance that this website is used in a phishing attack.

Phishing websites can imitate social media platforms, online banking portals, security-related websites, and everything in between. While in many cases they are set up to extract information or introduce the visitor to false information (e.g., tech-support scams are set up to trick the visitor into communicating with schemers), many of them are used to drop malware. In such case, even visiting the malicious website could lead to a successful attack. You might not even need to do anything else. This is why we continue to talk about phishing scams and phishing attacks. To avoid them, you must be on high alert at all times, and if you ever get scammed, you must take action immediately.

By Foley
April 12, 2019
News
English
April 12, 2019
News

Popular Posts

As Fears of the Coronavirus Pandemic Spread, So Does...

4 years ago

Microsoft Warns State-Backed Threat Actors Are Using AI in...

4 days ago

Trojan Al11 Malware Detection & Removal - An Essential...

11 months ago

Pinaview is a Fully-Featured Adware App

10 months ago

"Your iCloud is Being Hacked" and "Your iPhone has Been...

7 months ago

What is Lucky Ransomware?

7 months ago

Related Posts

Tips

How to Spot and Avoid Phishing Scams

Nowadays, pretty much everyone's on their toes when it comes to real life (IRL) fraudsters. Charlatan tricks, pyramid schemes, television hoaxes, unsolicited and phony services and subscriptions have harmed so many... Read more

June 22, 2018
Tips

Top 6 Tips to Avoid Phishing Scams on Your Social Networking Platforms

How much time do you spend on your social media accounts? Some platforms – for example, Instagram –now offer tools that show exactly how much time is spent on them, and there are mobile apps that can track all social... Read more

April 1, 2019
News

Schemers Employ a New Phishing Email to Collect Microsoft Passwords

Can you name the world's most lucrative type of cybercrime? Unfortunately, we can't definitively say whether or not your suggestion is correct. The world of online fraud is so vast and diverse that there simply is no... Read more

February 5, 2019
English
Loading...

Cyclonis Backup Details & Terms

The Free Basic Cyclonis Backup plan gives you 2 GB of cloud storage space with full functionality! No credit card required. Need more storage space? Purchase a larger Cyclonis Backup plan today! To learn more about our policies and pricing, see Terms of Service, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Cyclonis Password Manager Details & Terms

FREE Trial: 30-Day One-Time Offer! No credit card required for Free Trial. Full functionality for the length of the Free Trial. (Full functionality after Free Trial requires subscription purchase.) To learn more about our policies and pricing, see EULA, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Home

Products

Cyclonis Backup Cyclonis Password Manager Cyclonis World Time

Support

Help Files FAQs Downloads Inquiries & Support

Company

About Us Contact Us Report Abuse

Legal (Post Merger)

EnigmaSoft Limited (fka Cyclonis Limited)

Cyclonis Backup's Terms of Service Cyclonis Password Manager's EULA Cyclonis World Time's Terms of Service Privacy Policy Cookie Policy Special Discount Offer Terms Additional Terms & Conditions SpyHunter EULA RegHunter EULA EnigmaSoft Privacy Policy & Cookie Policy ESG Privacy Policy & Cookie Policy EnigmaSoft Discount Offer Terms ESG Discount Offer Terms

© 2017-2024 Cyclonis Ltd. CYCLONIS is a trademark of EnigmaSoft Limited (Cyclonis was merged into EnigmaSoft Limited effective November 25, 2023.) All rights reserved.

Registered Office EnigmaSoft Limited: 1 Castle Street, 3rd Floor, Dublin 2 D02 XD82, Ireland.
EnigmaSoft Limited, Private Company Limited by shares, Company Registration Number 597114.

Windows is a trademark of Microsoft, registered in the U.S. and other countries.
Mac, iPhone, iPad and App Store are trademarks of Apple Inc., registered in the U.S. and other countries.
iOS is a registered trademark of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
Android and Google Play are trademarks of Google LLC.