Millions of Phishing Emails Disguised As HTML Files


The criminal has been proven to disguise data theft by using a phishing email method into an HTML file so that it is not detected as fraud.

Cybersecurity researcher at Kaspersky, Roman Dedenok, quoted from a press release on Monday (23/5), found that this method was used to prevent electronic mail from being detected as spam or containing viruses.

“Cybercriminals cleverly use disguised requests for login credentials and trick unsuspecting victims into entering their usernames and passwords,” said Dedenok.

Read also: Forgot Password? Here’s how to find out through cellphones and laptops

In the period January to April 2022, the cybersecurity company blocked nearly 2 million phishing emails containing HTML attachments. Researchers found there are two methods to spread the malicious HTML.

First, the HTML file contains the phishing link. Cybercriminals send HTML files with text in them. To make it look convincing, hackers write letters that look like they are from official institutions, for example a notification from a bank because there is a large transfer.

The user is asked to click on a link to the bank’s site, which is actually a phishing page. To make it look convincing, cybercriminals imitate the layout, images of writing, to the official logo of an institution.

Victims are asked to open HTML attachments and fill in some data.

The second model of HTML-based fraud is a complete phishing page. Victims are asked to enter (login) to the fake site.

In order to avoid data theft like this, Kaspersky asks internet users to check links before clicking. Hover over to preview the URL, check for misspellings or other irregularities.

Before entering login data, make sure the site starts with HTTPS, which indicates the connection to the site is secure. (Ant/OL-1)


Gallery for Millions of Phishing Emails Disguised As HTML Files