Tuav! Lub vev xaib raug cai ntawd tuaj yeem ua yuam kev los nyiag koj tus password

Cov txheej txheem:

Tuav! Lub vev xaib raug cai ntawd tuaj yeem ua yuam kev los nyiag koj tus password
Tuav! Lub vev xaib raug cai ntawd tuaj yeem ua yuam kev los nyiag koj tus password
Anonim

Key Takeaways

  • Fraudsters tau vam khom rau cov kev pabcuam tiag, zoo li cov neeg tsim lub vev xaib, los tuav cov phiaj xwm phishing, cov kws tshawb fawb tau tshawb pom.
  • Lawv ntseeg tias siv cov kev pabcuam raug cai no ua rau cov kev dag ntxias no pom tau tias muaj kev ntseeg siab.
  • Tib neeg tseem tuaj yeem tshawb pom cov kev dag ntxias no los ntawm kev nrhiav qee cov cim qhia, qhia cov kws tshaj lij phishing.

Image
Image

Vim tias qhov kev pabcuam raug cai thov rau koj daim ntawv pov thawj nkag tsis tau txhais tias koj tsis raug gamed.

Raws li cov kws tshawb fawb ntawm Unit 42, cybersecurity caj npab ntawm Palo Alto Networks, cybercriminals tau nce kev ua phem rau qhov tseeb-xiav software-as-a-service (SaaS) platforms, suav nrog ntau lub vev xaib tsim thiab tsim tsim, los tuav phishing nplooj ntawv. Kev siv cov kev pabcuam saum toj no pab cov neeg dag ntxias kom muaj huab cua ntawm kev raug cai rau lawv cov kev dag ntxias.

"Nws ntse heev vim lawv paub tias peb tsis tuaj yeem [blocklist] qhov nyiam ntawm Google thiab lwm yam [tech] loj heev," Adrien Gendre, Tus Thawj Saib Xyuas Kev Lag Luam thiab Cov Khoom Muag nrog email tus neeg muag khoom ruaj ntseg, Vade Secure, hais rau Lifewire dhau. email. "Tab sis txawm tias qhov tseeb tias nws nyuaj dua los tshawb xyuas phishing thaum nplooj ntawv tau tuav ntawm lub vev xaib muaj npe nrov, nws tsis tuaj yeem ua tsis tau."

Ntawm Fakes

Kev siv cov kev pabcuam raug cai los ntxias cov neeg siv kom xa lawv cov ntawv pov thawj nkag tsis yog qhov tshiab. Txawm li cas los xij, cov kws tshawb fawb tau pom tias muaj kev nce siab ntau dua 1100% hauv kev siv lub tswv yim no thaum Lub Rau Hli 2021 thiab Lub Rau Hli 2022. Dhau li ntawm lub vev xaib thiab cov tsim tsim, cyber crooks tau siv cov chaw sib koom ua ntaub ntawv, kev sib koom tes platform, thiab ntau dua.

Raws li cov kws tshawb fawb, kev nce qib ntawm SaaS cov kev pabcuam tiag tiag ntawm cybercriminals feem ntau yog vim cov nplooj ntawv tuav hauv cov kev pabcuam no feem ntau tsis yog chij los ntawm ntau yam kev dag ntxias thiab kev dag ntxias, tsis hais hauv web browser lossis hauv email cov neeg siv khoom.

Tsis tas li ntawd, tsis yog cov SaaS platforms yooj yim siv dua li tsim lub vev xaib los ntawm kos, tab sis lawv kuj ua rau lawv hloov mus rau nplooj ntawv phishing sib txawv yuav tsum tau muab los ntawm cov koom haum tub ceev xwm.

Qhov kev tsim txom ntawm cov kev pabcuam tiag tiag rau phishing tsis ua rau Jake, Tus Saib Xyuas Kev Nyab Xeeb Loj ntawm Lub Tuam Txhab Kev Txawj Ntse, uas tshwj xeeb hauv kev lees paub kev dag ntxias, thiab leej twg tsis xav kom raug txheeb xyuas thaum nws tshawb xyuas cov phiaj xwm phishing nquag.

Thaum nws pom zoo tias feem ntau nws yuav siv zog me ntsis ntxiv txhawm rau txhawm rau txheeb xyuas qhov kev tsim txom no, nws tsis tuaj yeem ua tsis tau, ntxiv tias cov kev pabcuam raug cai no feem ntau mob siab rau ua cov ntaub ntawv kev tsim txom, ua rau nws yooj yim dua los tshem tawm qhov chaw phem.

Nyob rau hauv kev sib tham nrog Lifewire tshaj Twitter, Jake tau hais tias feem ntau cov phiaj xwm phishing, suav nrog cov tuav ntawm cov kev pabcuam raug cai, muaj qee qhov kev qhia pom tseeb rau txhua tus neeg saib xyuas.

"Cov kev pabcuam raug cai no feem ntau muaj banners lossis footers uas hem cov neeg ua yeeb yam tsis tuaj yeem tshem tawm, yog li cov vev xaib xws li Wix muaj chij nyob rau sab saum toj, Google cov ntawv muaj cov ntawv hauv qab hais tias yuav tsum tsis txhob sau tus password rau hauv cov ntawv, thiab lwm yam., "hais tias Jake.

Eyes Peeled

Tsim los ntawm qhov ntawd, Gendre hais tias thaum lub sijhawm sau npe tuaj yeem ntseeg tau, nplooj ntawv phishing yuav muaj qee qhov tsis txaus ntseeg hauv URL thiab cov ntsiab lus ntawm nplooj ntawv nws tus kheej.

Jake pom zoo, ntxiv tias, rau qhov pib, nplooj ntawv phishing rau daim ntawv pov thawj tseem yuav raug tuav rau ntawm lub vev xaib raug tsim txom es tsis yog cov kev pabcuam uas nws muaj peev xwm nrhiav tau. Piv txwv li, yog tias koj pom tus password rov pib dua nplooj ntawv rau Gmail tuav ntawm lub vev xaib ntawm tus tsim lub vev xaib zoo li Wix, lossis tus tsim daim ntawv zoo li Google Forms, koj tuaj yeem so kom paub tseeb tias koj tau tsaws ntawm nplooj ntawv phishing.

Image
Image

Ntxiv mus, nrog kev ceeb toom me ntsis, cov kev tawm tsam no tuaj yeem raug nipped hauv lawv qhov kev sib tw, qhia cov kws tshawb fawb. Ib yam li lwm qhov kev tawm tsam phishing, qhov no kuj pib nrog email dag.

"Cov neeg siv yuav tsum ceev faj txog cov email uas tsis txaus ntseeg uas siv lub sijhawm-sensitive lus los hais kom tus neeg siv ua qee yam kev ua haujlwm ceev," hais tias Unit42 cov kws tshawb fawb.

Gendre ntseeg tias tib neeg cov riam phom loj tshaj plaws tiv thaiv kev tawm tsam no yog kev ua siab ntev, piav qhia tias "cov tib neeg nyiam qhib thiab teb rau email sai heev. Cov neeg siv yuav tsum siv sijhawm los nyeem thiab tshuaj xyuas email los txiav txim seb puas muaj qee yam tsis txaus ntseeg."

Jake, ib yam nkaus, qhia tib neeg tsis txhob nyem rau ntawm cov ntawv txuas hauv email thiab hloov mus rau lub vev xaib ntawm cov kev pabcuam uas tau pom zoo xa email, los ntawm kev nkag mus rau nws qhov URL ncaj qha lossis los ntawm lub tshuab tshawb nrhiav.

"Yog tias koj tuaj yeem siv tus tswj hwm tus password, cov khoom lag luam no tuaj yeem ua raws li lub hom phiaj URL nrog nplooj ntawv tam sim no koj siv, thiab yog tias lawv tsis sib xws, nws yuav tsis nkag rau koj tus password, uas yuav tsum tsa lub tswb, "said Jake.

Pom zoo: