Loading remotely hosted images rather than embedding them directly into emails is one among the newest tricks employed by phishers to bypass email filters.
Phishers are always finding new ways to trick defenses
Phishing emails – especially when impersonating popular brands – contain widely known brand logos and other images to offer the illusion of getting been sent by legitimate organizations.
Images have also been used for ages as how to bypass an email’s textual content analysis but, as security technologies became better at extracting and analyzing content from images, phishers began trying out several tricks to form the method harder and time-consuming for security scanners.
“Unlike embedded images, which may be analyzed in real time by email filters, remote images are hosted on the online and thus got to be fetched before being analyzed,” Vade Secure researchers explained.
To delay the fetching, phishers are employing multiple redirections, cloaking techniques, and are hosting the pictures on high-reputation domains.
At the instant , this new approach to delivering images in phishing emails is sort of popular and clearly rather successful, but as email security vendors find ways to counter these tricks, cyber criminals will need to change tack another time – then the race continues.