Member
- Joined
- Oct 14, 2023
- Messages
- 225
- Thread Author
- #1
Cybercriminals have become more likely to use spoofed letters in malicious emails.
F. A. C. C. T. reports a sharp increase in attempts to circumvent anti-spam solutions using homoglyphs. Homoglyphs are graphically identical or similar characters in malicious mailings. According to the company, in the third quarter of 2023, the number of such emails increased 11 times compared to the same period in 2022. Among the most frequently substituted letters by intruders are E, O, C and A.
Specialists of the F. A. C. C. T. Cybersecurity Center note that the surge in the use of homoglyphs in malicious emails began at the beginning of this year. For example, a similar technique is used by operators of the WhiteSnake stealer, a malicious program that steals credentials from browsers, applications, and victims crypto wallets. In August, the steeler was distributed under the guise of a letter from an investigator. Then employees of the companies received letters allegedly asking them to give evidence in a criminal case. In fact, the mailing list contained an archive containing malware.
This method allows cybercriminals to bypass the filtering systems of incoming and outgoing emails, increasing the probability of delivering malicious messages to the final recipients. At the same time, attackers often insert Latin homoglyphs into letters in Russian, while other alphabets or special characters are not yet used. Emails from the same malicious mailing list may contain different variants of letter substitutions.
The company noted that apparently, the use of homoglyphs as a method of deception remains effective. This approach can bypass simple anti-spam systems, and users who click on suspicious links or open attachments from such emails can endanger their email accounts and even corporate networks.
F. A. C. C. T. reports a sharp increase in attempts to circumvent anti-spam solutions using homoglyphs. Homoglyphs are graphically identical or similar characters in malicious mailings. According to the company, in the third quarter of 2023, the number of such emails increased 11 times compared to the same period in 2022. Among the most frequently substituted letters by intruders are E, O, C and A.
Specialists of the F. A. C. C. T. Cybersecurity Center note that the surge in the use of homoglyphs in malicious emails began at the beginning of this year. For example, a similar technique is used by operators of the WhiteSnake stealer, a malicious program that steals credentials from browsers, applications, and victims crypto wallets. In August, the steeler was distributed under the guise of a letter from an investigator. Then employees of the companies received letters allegedly asking them to give evidence in a criminal case. In fact, the mailing list contained an archive containing malware.
This method allows cybercriminals to bypass the filtering systems of incoming and outgoing emails, increasing the probability of delivering malicious messages to the final recipients. At the same time, attackers often insert Latin homoglyphs into letters in Russian, while other alphabets or special characters are not yet used. Emails from the same malicious mailing list may contain different variants of letter substitutions.
The company noted that apparently, the use of homoglyphs as a method of deception remains effective. This approach can bypass simple anti-spam systems, and users who click on suspicious links or open attachments from such emails can endanger their email accounts and even corporate networks.