Kaspersky researchers have identified a growth in the usage of cunning spam and phishing delivery technique. Malicious internet users are increasingly exploiting registration, subscription, and feedback forms on websites to insert spam content or phishing links into confirmation emails from respected and trustworthy companies on a global scale.

 

Malicious users are constantly looking for new methods to deliver their spam and phishing messages to recipients, while bypassing existing content filters. Ideally, they try to make letters come from a legitimate source with a good reputation so that users cannot ignore the unwanted email. This also creates a challenge for companies as this unwanted spam or even malicious content, seemingly sent on their behalf, could compromise their customers’ trust or even lead to personal data leaks.

 

The method is quite simple and effective. Today, almost every company is interested in receiving feedback from their clients to improve the quality of service, customer retention, and reputation. To do this, companies ask customers to register a personal account, subscribe to newsletters or communicate with feedback forms on the website, for example, to ask questions or leave suggestions. These are exactly the mechanisms that attackers are exploiting.

 

All three mechanisms require the customers’ name and email address, so they can receive a confirmation email or feedback. According to Kaspersky researchers, scammers are adding spam content and phishing links into this mail. They simply add the victim’s email address into the registration or subscription form and type their message instead of the name. The website will then send a modified confirmation letter to that address, containing an advertisement or phishing link at the beginning of the text instead of the recipient’s name.

 

“Most of these modified letters are linked to online surveys designed to obtain personal data from visitors. Notifications from a reliable source usually pass through content filters with ease, as they are official messages from a reputable company. This is why this new method of unwanted, yet seemingly innocent, spam emailing is so effective and worrying,” notes Maria Vergelis, security expert at Kaspersky.


 

To keep companies from possible reputational losses, we advise:

  • To check how the feedback forms work on your website
  • To embed several verification rules that would cause an error when trying to register a name with inappropriate symbols
  • To conduct a vulnerability assessment of the website, if possible.

 

Read the full text of the report on Kaspersky Daily.


RECOMMENDED ARTICLE FOR TECHWORLD


 
PLDT, Smart Emerge as Undisputed Fastest Fixed and Mobile Networks in PH
Techworld Date Posted: 11 April 2019 11:08 AM | 20 Views
Filipinos enjoy a much better digital experience whether at home or on the go with PLDT and Smart, which recently emerged as the undisputed fastest fixed and mobile networks in the Philippines, based on.... See More
 
PLDT, Smart Emerge as Undisputed Fastest Fixed and Mobile Networks in PH
Techworld Date Posted: 11:08 AM | 20 Views
Filipinos enjoy a much better digital experience whether at home or on the go with PLDT and Smart, which recently emerged as the undisputed fastest fixed and mobile networks in the Philippines, based on...See More

 
HMD Global, CGI, and Google Cloud in Partnership to Build Nokia Phones for the Future
Techworld Date Posted: 18 June 2019 10:48 AM | 20 Views
HMD Global, CGI, and Google Cloud in Partnership to Build Nokia Phones for the Future. See More
 
HMD Global, CGI, and Google Cloud in Partnership to Build Nokia Phones for the Future
Techworld Date Posted: 10:48 AM | 20 Views
HMD Global, CGI, and Google Cloud in Partnership to Build Nokia Phones for the FutureSee More

 
Smart Reimagines Postpaid Experience with New Signature Plans
Techworld Date Posted: 21 May 2019 8:32 AM | 31 Views
PLDT mobile services arm Smart Communications is ushering in a reimagined postpaid experience that puts customers first as it launches the new Signature Plans.. See More
 
Smart Reimagines Postpaid Experience with New Signature Plans
Techworld Date Posted: 8:32 AM | 31 Views
PLDT mobile services arm Smart Communications is ushering in a reimagined postpaid experience that puts customers first as it launches the new Signature Plans.See More

 
SAP Honored with Prestigious “Friend of ASEAN” Award for Contributions to the ASEAN Region
Techworld Date Posted: 27 December 2018 2:23 PM | 231 Views
SAP SE (NYSE: SAP) has recently announced it was awarded the prestigious “Friend of ASEAN” accolade for its positive social and economic contributions to the Southeast Asia region at the ASEAN Business Awards 2018.. See More
 
SAP Honored with Prestigious “Friend of ASEAN” Award for Contributions to the ASEAN Region
Techworld Date Posted: 2:23 PM | 231 Views
SAP SE (NYSE: SAP) has recently announced it was awarded the prestigious “Friend of ASEAN” accolade for its positive social and economic contributions to the Southeast Asia region at the ASEAN Business Awards 2018.See More

 
Fortinet Introduces New Security Automation Capabilities on Amazon Web Services, Expands Fortinet Security Fabric Offerings
Techworld Date Posted: 4 January 2019 1:19 PM | 20 Views
Fortinet® (NASDAQ: FTNT), a global leader in broad, integrated and automated cybersecurity solutions, has announced the expansion of its Fortinet Security Fabric offerings and new automation capabilities for Amazon Web Services (AWS). See More
 
Fortinet Introduces New Security Automation Capabilities on Amazon Web Services, Expands Fortinet Security Fabric Offerings
Techworld Date Posted: 1:19 PM | 20 Views
Fortinet® (NASDAQ: FTNT), a global leader in broad, integrated and automated cybersecurity solutions, has announced the expansion of its Fortinet Security Fabric offerings and new automation capabilities for Amazon Web Services (AWS)See More

 
Apacer Welcomes Intelligent Connectivity at the Recently Held COMPUTEX 2019
Techworld Date Posted: 6 June 2019 9:39 AM | 23 Views
Apacer, the global leader in industrial digital storage, introduced its new program entitled "Welcoming Intelligent Connectivity" at the recently held COMPUTEX 2019. This platform showcases a variety of vertical market packages and next-generation innovative.... See More
 
Apacer Welcomes Intelligent Connectivity at the Recently Held COMPUTEX 2019
Techworld Date Posted: 9:39 AM | 23 Views
Apacer, the global leader in industrial digital storage, introduced its new program entitled "Welcoming Intelligent Connectivity" at the recently held COMPUTEX 2019. This platform showcases a variety of vertical market packages and next-generation innovative...See More

 
ADATA to Unveil New Product Lineup During CES 2019
Techworld Date Posted: 3 January 2019 2:22 PM | 103 Views
ADATA Technology, a leading manufacturer of high-performance DRAM modules, NAND Flash products, and mobile accessories, has announced that it will be in Las Vegas during this year’s CES. See More
 
ADATA to Unveil New Product Lineup During CES 2019
Techworld Date Posted: 2:22 PM | 103 Views
ADATA Technology, a leading manufacturer of high-performance DRAM modules, NAND Flash products, and mobile accessories, has announced that it will be in Las Vegas during this year’s CESSee More

 
Lenovo and Intel Kick Off Legion of Champions III 2019
Techworld Date Posted: 15 January 2019 10:52 AM | 20 Views
Lenovo, the world’s leading PC and smart device manufacturer, has announced the kick-off of its Legion of Champions Series III (LoC III) Grand Finals.. See More
 
Lenovo and Intel Kick Off Legion of Champions III 2019
Techworld Date Posted: 10:52 AM | 20 Views
Lenovo, the world’s leading PC and smart device manufacturer, has announced the kick-off of its Legion of Champions Series III (LoC III) Grand Finals.See More

 
The Nightmare Before Christmas: A Third of Shoppers’ Financial Credentials Compromised
Techworld Date Posted: 20 December 2018 4:32 PM | 150 Views
The time of unrestrained shopping has already begun, thanks to Black Friday in November. This is swiftly followed by Christmas and New Year gift-giving, and then the January sales.. See More
 
The Nightmare Before Christmas: A Third of Shoppers’ Financial Credentials Compromised
Techworld Date Posted: 4:32 PM | 150 Views
The time of unrestrained shopping has already begun, thanks to Black Friday in November. This is swiftly followed by Christmas and New Year gift-giving, and then the January sales.See More

 
Bykski Announces Real-Time Temperature Monitoring Fittings for Watercooling
Techworld Date Posted: 28 April 2018 4:33 PM | 66 Views
Bykski, professional manufacturer of computer watercooling solutions, is proud to announce the availability of its real-time temperature sensor monitor featuring HD LCD displays capable showcasing real-time information to the users. The Bykski B-TME-SE-AL and.... See More
 
Bykski Announces Real-Time Temperature Monitoring Fittings for Watercooling
Techworld Date Posted: 4:33 PM | 66 Views
Bykski, professional manufacturer of computer watercooling solutions, is proud to announce the availability of its real-time temperature sensor monitor featuring HD LCD displays capable showcasing real-time information to the users. The Bykski B-TME-SE-AL and...See More


Power by

Download Free AZ | Free Wordpress Themes