Custom web font files are used to install an encrypted font that is in effect a substitution cypher. The source code will look harmless, but a user would instead see a fake landing page designed to steal login credentials
With the letters being substituted, the intended text will be shown in the browser, but will not exist on the page so, evade detection.
To evade detection further, criminals render the bank logo using SVG (scalable vector graphics), so its image and source do not appear in the source code.
https://www.scmagazineuk.com/fake-fonts-used-phishing-attacks-researchers-warn/article/1522178
No comments:
Post a Comment