Internet

Beware of this latest Phishing method that steals your passwords

New trick to steal passwords by Phishing

Something that has increased a lot in recent times is the use of electronic signatures. They serve to authenticate us and be able to carry out transactions remotely, without the need to physically meet in a place. This is very useful, but we can also experience problems.

Hackers have taken advantage of it. In fact, this new Phishing method is based on impersonate DocuSign, one of the leading electronic signature services. They use different techniques for this. What it does is spoof the address and subject of a legitimate email related to digital signatures.

When the victim clicks, they go to an address that appears to be the real DocuSign address. A button appears to see the full document. It simulates a legitimate action to exchange confidential information and alternative signature methods. Upon entering, they arrive at a Microsoft login page, which is often used in these cases. In addition, it shows the view of the document with a watermark to trick the victim into thinking that just by continuing they will be able to see it.

The problem is that, as indicated by Armorblox, email protection does not recognize these emails as a threat. They interpret that it is something legitimate and do not block it. This leaves users unprotected, since the e-mail will arrive in the inbox and they will be able to fall into the trap.

Tips to avoid these attacks

So what can we do to avoid falling victim to these attacks? It doesn’t matter if cybercriminals perfect the Phishing techniques and change the way they send emails or show us a page. The recommendations to maintain security remain the same and it is essential not to skip any of them.

The first and most important thing against Phishing is the common sense. We must avoid making mistakes that could harm us. In this case, the main mistake would be to open a link that comes to us by e-mail and pretends to be legitimate. Whenever there are doubts or we do not see clearly that it has really been sent to us by a reliable person, we should avoid entering these links. It is essential to recognize when a page is Phishing.

Also, it is very important to have All updated correctly. Sometimes vulnerabilities arise that can be exploited by hackers and steal passwords or gain access to the system. With patches and updates we can correct these problems and be more protected.

On the other hand, it is also advisable to always have a good antivirus. This will help prevent the entry of malware that could harm us. There are many options, such as Windows Defender, Avast or Bitdefender. All of them will act as a defensive barrier.

Related Articles