Company websites send out spam and phishing emails

Hackers are increasingly using website registration, subscription and feedback forms to insert spam content or phishing links into confirmation emails from respected and trusted companies worldwide

IT criminals are constantly looking for new ways to get their spam and phishing emails sent out. They do what they can to make their messages look like something that comes from a legitimate source with a good reputation, so the recipient doesn’t ignore the email. And this is a problem for the affected businesses, as spam and emails with malicious links sent on their behalf can compromise customer trust in the business and even lead to leakage of personal data.

The method is as simple as it is effective

Today, most companies are interested in receiving feedback from their customers so they can improve customer service, customer retention and their reputation. Therefore, companies ask their customers to create a personal account, subscribe to newsletters or provide feedback via forms on the website. And these are exactly the mechanisms used by IT criminals. All three forms require customers’ names and email addresses so they can receive a confirmation email or feedback.

According to Kaspersky’s IT security researchers, it is easy for IT criminals to add spam content and phishing links to these types of emails. All they have to do is enter the victim’s email address in the registration or subscription form and then add their own text where the customer’s name would normally go. The website will then send a modified confirmation email to the recipient, containing advertising or a phishing link.

“Most of these modified emails are linked to online surveys designed to collect visitors’ personal information. IT criminals know that messages from a reliable and reputable company usually go straight through the spam filters. That is why this new method of unwanted spam and phishing is so effective and worrying,” notes Thomas Damsgaard, Head of Enterprise, Kaspersky in the Nordic region.

To protect the company from loss of reputation, Thomas Damsgaard recommends that companies:

• Check how feedback forms work on their websites

• Embed multiple verification rules, such as not allowing a name to be registered with inappropriate symbols or links

• Perform a website vulnerability assessment, if possible.
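
One way to implement the verification rule in the second recommendation, as an added example that is not part of the original article or Kaspersky's own code. The function names, the 64-character limit and the allowed punctuation are assumptions, and the sample inputs are constructed.

```python
import html
import unicodedata

MAX_NAME_LEN = 64        # assumed limit; long "names" are usually message text
ALLOWED_PUNCT = " -'’."  # punctuation that real names use (assumption)

def check_name(raw):
    """Return (cleaned_name, None) if acceptable, else (None, reason)."""
    # NFKC folds look-alikes such as full-width "．" or "：" to ASCII so they
    # cannot slip past the character check below.
    name = unicodedata.normalize("NFKC", raw).strip()
    if not name:
        return None, "empty"
    if len(name) > MAX_NAME_LEN:
        return None, "too long"
    for i, ch in enumerate(name):
        if unicodedata.category(ch)[0] in "LM":  # letters and combining marks
            continue
        if ch not in ALLOWED_PUNCT:              # ':', '/', '@', digits, newlines...
            return None, f"disallowed character {ch!r}"
        # A period inside a token ("survey.example") is how a bare domain is written.
        if ch == "." and i + 1 < len(name) and name[i + 1] != " ":
            return None, "period inside a word"
    return name, None

def confirmation_body(raw_name):
    """Build the confirmation email body only from a validated name."""
    name, reason = check_name(raw_name)
    if reason:
        raise ValueError(f"name rejected: {reason}")
    # Escape anyway: input validation and output encoding are separate layers.
    return f"<p>Hello {html.escape(name)}, please confirm your subscription.</p>"

# Constructed sample inputs: two real-looking names, four abusive "names".
SAMPLES = [
    "Anne-Marie O'Neil",
    "J. R. Søndergaard",
    "Win a prize http://survey.example/x",
    "Take our survey at survey.example",
    "ｗｗｗ．survey．example",
    "Anna\nClick the link below",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(repr(sample), "->", check_name(sample))
```

Rejecting the submission outright, rather than stripping the offending characters and sending the email anyway, keeps the site from mailing attacker-chosen text to a third party at all.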

Here is an example of how the hackers work.
