URL Attacks and The Ways to Stay Away from Them!

URL Attacks and The Ways to Stay Away from Them!

URL Attacks are a kind of URL redirection attacks that redirect victims from the current page to a new URL, but it is a phishing page that poses as a legitimate site. This is done to steal the credentials from the victims. Users get easy tricked by this kind of attack.

Attackers use social engineering techniques such as phishing emails to redirects victims from trusted domain to a malicious site, which is known as URL redirection attack. The attackers send phishing emails with malicious links to targets. When these links are clicked, the user is redirected to a phishing site, and the users are asked to enter their login credentials. As soon as the user logs in with their credentials, the attackers perform malicious deeds. Sometimes, the links sent may lead to malware sites and infect the user's system. So, the victim is prone to either a data breach or a malware attack.

If you want to know more about these kinds of phishing attacks, the following is a kind of URL attack to give you insights.

NoRelationship phishing attack:

‘NoRelationship’ is relatively a new kind of phishing attack which evades Microsoft’s Exchange Online Protection (EOP) URL filters, the ones which scan the Microsoft Office documents such as Word (.docx), Excel (.xlsx), and PowerPoint (.pptx). In this case, the phishing email contains a .docx attachment containing a malicious link and when the victim opens the malicious attachment, they will be redirected to a credential harvesting login page. Any external links from a relationship (xml.rels) file are deleted by the attackers which is a legitimate file that lists all links included in an attachment. Deleting external links lead to Microsoft’s Exchange Online Protection filters not detecting the malicious URL. Link parsers do not scan the full document instead rely on a relationship (xml.rels) file, and without it, the chances of the malicious links getting detected are minimal. There are several other kinds of URL based attacks and here is how to stay safe:

Always be cautious while opening any email attachments that are from anonymous senders. Do check the legitimacy of an URL before clicking it. Try to detect suspicious URLs by simply hovering the link.