How to block phishing attacks using proxy software – Digital4

  Recently, phishing attacks hano changed dynamic attack to evade the defenses of a company. Among the most popular among hackers, including the use of proxy software that makes it easier the process of attack on a server.

 What are the differences from a traditional phishing attack? There are protective measures to be implemented to mitigate the risk of this new type of phishing attack based on?

 In the following paragraphs an analysis of the behavior of phishing attacks that use proxy software some helpful advice on how to defend themselves.

  The new era of phishing (and how to defend)

 Phishers, or malware authors used for phishing, they have adapted to the features offered by the tools of information security to achieve their criminal aims. For example, the software Matasploit Pro has a phishing toolkit that automates much of the attack, while the Social-Engineer Toolkit (SET) of TrustedSec may even be helpful to develop phishing attacks.

 The phiser use different tools to automate the cloning of a web site and generate mail phishing that collect information about users unaware and then are transferred to a site controlled by hackers and used for various criminal purposes. A new technology phishing discovery in November of 2014 and dubbed Operation Huyao, contained two types of attack that had been designed to minimize the chances that the victim was aware of being under attack. This attack technique has been used to an online shopping site , and was to create a customized checkout process and the use of proxy software to access the site targeted. Check out custom was necessary because some web browsers have pop-ups that warn you when you enter data on a web site for the purchase of an asset. In this case an SSL proxy would make it possible to the site of e-commerce still receive the data, and at the same time would make it much more challenging to create an SSL proxy fraudulent by phiser.

  Help users with SSL certificates

 It is very hard to that end-users are able to detect a phishing attack Series Operation Huyao. A useful method is to look closely at the address bar and see if a proxy is used to prevent phishing attacks : not all control, and also there are other ways to attack man-in -the-middle. Also, if I were running a proxy SSL certificate SSL could be examined by the user to understand that you are revealing sensitive information to a website pirate.

 The host-based security tools, such as a system of intrusion detection and antimalware tool should detect and block phishing websites created for as long as these are not removed by the authorities or directly from who suffered a theft of the domain. Although the operators of the websites can detect these types of attacks by monitoring a number incoming connections from only one new IP, these can be deceived because they could be accessed by a proxy legitimate or a NAT (network address translation). For this reason any type of incident that may be registered on the site requires a thorough analysis to understand if it is a phishing attack or other type of access allowed.

 In short, it works on traditional systems or cloud, security needs to be rethought in a more modern and flexible.