Tracking pixels could be the next phishing attack
Beware of images that are so small, that image could lead to your next phishing attack. These image files or tracking pixels like GIF or PNG formats are designed to send a string of code to outside website so that it can be used as a marketing tool for various email and web advertising.
The image is usually only one pixel in size and can be as the same color as the background to disguise itself from the user and to prevent user to know that they are being tracked.
The code in the pixels is meant to inform the website when the user is downloading the image. It can contain the information such as IP address, OS, web browser types, cookies and other information warns checkpoint researchers.
Checkpoint researchers further explain that phishers can use tracking pixels to learn about the victim’ s scam mails. These attacks can leverage the tracking pixels as surveillance tool.
“ For well over a decade, it has been understood that you can utilize tracking pixels in Microsoft Office files like Word documents, Excel spreadsheets and PowerPoint presentations. This works because Office files can link to an image located on a remote Web server. Putting a tracking pixel in an Office document allows you to be able to track a document’ s activity as it moves through an organization,” the security firm notes.
Although the tracking pixels haven’ t yet been found as the direct cause of a breach and the threat actors can use the information of which email recipients are most likely to open email scams to increase the chances of a successful phishing attack.
Enterprises have been advised to deploy email and anti-phishing security controls on their respective cloud environment and should be patched up at all times. And another tip is to look for anomalous image placeholders while downloading image in advertising email can also help not to get breached by tracking pixels.
Comments ( 0 )
No comments available