When cybercriminals create their own version of a trusted website – specifically designing it to fool visitors for phishing purposes – it is called “website spoofing”.
Depending on the skills of the malicious developers involved in its creation, a spoofed website can sometimes present a convincing replica of the original. Hackers harness legitimate fonts, logo designs, company colours and even functionality to make it appear authentic to visitors. In some instances, threat operators behind such projects will even use a URL that is similar to that used by the real website they are impersonating.
Misdirected to a spoofed website
These scams typically begin with employees typically being led to a spoofed website via a phishing email. Recipients open an email that appears to be from a trusted organisation, such as a bank, a government agency like the HMRC or even internal mail from their own company. The logos used in the email are familiar and the content appears official. A link is typically included in such malicious emails, pretending to offer a quick route to the recipient’s account, and if clicked on, it will direct them to the spoofed website.
On arrival, users will see a page that looks precisely like the one they would expect to see, with a dedicated sign in page requesting the usual fields of username and password. The victim enters their details, which are then stored on the cybercriminal’s server. Later, these credentials will be harvested, allowing them to access the individual’s accounts.
This can lead to financial crime when passwords are associated with bank accounts, or can lead to enterprise network infiltration when company credentials are entered.
Protection against website spoofing
Always ensure you access websites through Secure Sockets Layer or Transport Layer Security (SSL/TLS) protocols, as non-SSL/TLS websites offer hackers multiple opportunities to exploit.
SSL/TLS secured sites can face threats as well, though. Spoofing tactics like the man-in-the-middle technique can corrupt a Domain Name System (DNS) and SSL/TLS connections, sending users to spoofed websites.
The best defence against such unwanted incidents is to always use the most advanced security patches against these middle-man vulnerabilities, and only use trusted networks that have established protection in position.
In addition, be wary of pop-ups. If you’re directed to a website and a pop-up window is instantly displayed requesting credentials, it may be a phishing scam layered over a legitimate website, designed to acquire your information.
If you are unsure if a website is authentic, try signing in with a fake password. A phishing site will not detect this error like the real website, so close your browser immediately.
You can also employ a secure working environment platform. At Galaxkey, we have built our secure workspace to enable enterprise employees to work safely away from the threats of cybercrime. Compatible with an extensive selection of major operating systems and a wide range of devices, our security solution allows personnel to perform their tasks with peace of mind from any location, making it ideal for remote working.
We offer a free two-week trial. If you would like to take us up on the offer, get in touch today:
https://www.galaxkey.com/contact/try-before-you-buy/