Phishing Campaign Uses Math Symbols to Evade Detection

One notable case spotted by analysts at INKY involves the spoofing of Verizon, a large U.S.-based telecommunication service provider.

In this case, the actors are using a square root symbol, a logical NOR operator, or the checkmark symbol itself, all helping to create a slight optical differentiation that could trick AI-based spam detectors.

Phishing message using the square root symbol in the Verizon logo

For many people who don't keep up with the latest logo changes though, these slightly altered logos look good enough, so the delivery success and user engagement rates have better chances of staying high.

You have fake voicemail

All three spoofing types masquerade as voicemail notifications containing an embedded ‘Play’ button, that when clicked, take the user to a phishing portal that was crafted to look like a Verizon website.

The landing domain is clearly not part of Verizon’s official webspace, with one example given in the report being sd9-08[.]click.

Read Full Article: