Geotargeting is significant in the global market as businesses can customize ads based on location, making them more valuable for businesses and personalized for consumers. However, Avanan has discovered hackers using geotargeting to send customized phishing messages to their intended targets by language and region.

What’s Geo Targetly?

Geo Targetly is a legitimate website commonly used by advertisers to redirect users to local pages and ads. It works by displaying content in the user's local language, such as English for a user in New York and French for a user in France.

Diving into details

Hackers used Geo Targetly, a geo-targeting platform, to redirect users and display them customized phishing pages. 
  • The attack specifically targeted users in Colombia, and the phishing emails were sent in Spanish.
  • The threat actors have been following the spray-and-pray technique that ensures they can target a massive number of individuals at a go and guarantee that the ads are localized and relevant.

Why this matters

  • A hacker can leverage Geo Targetly to redirect users in a specific region to a counterfeit login page that is designed to look like the genuine one.
  • Such customization boosts the chances of tricking the user. The redirect appears legitimate and is tailored to match their language and location, making it easier for hackers to launch successful spray-and-pray attacks globally.

Beware of these unique campaigns too!

  • ASEC researchers identified a bunch of phishing emails that leveraged Google’s favicon features to disseminate. What’s novel is that it would enable the hacker to reflect the email account service used by the target.
  • Earlier in January, researchers discovered a new method for phishing, SaaS-to-SaaS, which is hard to detect and uses a multi-stage attack chain.

The bottom line

As phishing attacks keep evolving, organizations and individuals should take their security game to the next level. Check URLs in email and browser before proceeding and confirm if the site is legitimate. Moreover, implement proactive cybersecurity defenses and follow basic cyber hygiene to stay safe.
Cyware Publisher

Publisher

Cyware