Phishing Campaign Popular Websites Stealing Credentials Through Watering Hole

By   ISBuzz Team
Writer , Information Security Buzz | Apr 01, 2019 11:30 am PST

Following the news that popular South Korean search engines have been targeted by a phishing campaign that utilises the watering hole technique to acquire login credentials from victims, Corin Imai, Senior Security Advisor at Domaintools, offers the following commentary.  

Corin Imai, Senior Security Advisor at Domaintools:

“By spoofing popular search engine websites, attackers adopted a strategy aimed at maximising the number of potential victims. Unfortunately, it is very hard to prevent campaigns such as Soula, since users tend to have their guard down when visiting popular, reputable websites, and are more easily tricked into providing their credentials because the familiarity of the page creates a sense of security. The red flag that should raise users’ concerns, however, is the pop-up page triggered by attackers: any unsolicited, unusual login request should be treated with the most caution.   

As a form of protection to all credential stealing campaigns, users should enable two-factor authentication wherever possible, and adopt a multi-layered defence system that can help to filter out malicious URLs and pop-ups.”