Math Symbols Used for Spoofing Purposes in Phishing Campaigns

Phishing is a malicious technique used by cybercriminals to gather sensitive information from users.

Phishing attacks happen when the attackers pretend to be a trustworthy entity so they can bait the victims into trusting them and revealing their confidential data, later to be used for financial theft, identity theft, and to gain unauthorized access to the victim’s accounts.

What Happened?

It seems that the phishing actors are now making use of mathematical symbols on impersonated company logos in an attempt to evade detection from the anti-phishing systems.

The researchers at INKY analyzed a sample involved in the Verizon recent spoofing, a large U.S.-based telecommunication service provider.

As explained by BleepingComputer, in this specific scenario, the malicious actors seem to be using a square root symbol, a logical NOR operator, or the checkmark symbol itself.

Source

All these elements are helping to create a fine optical differentiation that unfortunately is able to trick the AI-based spam detectors.

The main concern is that if we consider the large number of people that don’t keep up with the latest logo changes though, we can assume the delivery success and user engagement rates will be quite high.

All three forms of spoofing are disguised as voicemail

Read More: https://heimdalsecurity.com/blog/math-symbols-used-for-spoofing-purposes-in-phishing-campaigns/