AUT-9 · Mobile Threat Catalogue

Mobile Threat Catalogue

Phishing Websites

Contribute

Threat Category: Authentication: User or Device to Remote Service

ID: AUT-9

Threat Description: Phishing emails have been prevalent for a very long time. These emails typically link to websites geared at specific individuals, departments, or companies, and may be designed to look like their genuine counterpart with the intention of capturing credentials.

Threat Origin

Phishing Defenses for Webmail Providers 1

Exploit Examples

Your Account PayPal Has Been Limited Phishing Scam 2

CVE Examples

Not Applicable

Possible Countermeasures

Enterprise

Ensure corporate e-mail policy is configured to scan for suspicious files, executables, or attachments, and segregate such emails to increase end-user awareness of their potential to contain malicious content.

Deploy email and web proxy services that will examine URL resources for malicious content, and if any is found, prevent delivery of the message to the intended recipient.

Deploy email filtering tools or services that will automatically remove detected URLs from the body of emails from untrusted domains.

Educate end users on how to recognize phishing attempts and increase their awareness of techniques to browse safely from mobile devices, such as tap-and-hold on a hyperlink to examine its associated URL.

References

  1. R. Graves, Phishing Defenses for Webmail Providers, white paper, SANS Institute, 2013; www.sans.org/reading-room/whitepapers/email/phishing-detecton-remediation-34082 [accessed 8/258/2016] 

  2. C. Boyd, “‘Your Account PayPal Has Been Limited’ Phishing Scam”, blog, 8 May 2015; https://blog.malwarebytes.com/cybercrime/2015/05/your-account-paypal-has-been-limited-phishing-scam/ [accessed 8/25/2016]