Fake Login Pages a Serious Threat

Login Page


A recent study has identified over 50,000 fake login pages for over 200 of the world’s most known brands.  These web pages are often very realistic in appearance and are commonly used by attackers in order to obtain login credentials to your bank, email, social media sites and many other targets.  Fake login pages are a means for launching Phishing attacks on unsuspecting victims.  It starts with an email appearing to come from a trusted source such as Microsoft or a bank.  The recipient is persuaded, using what’s referred to as social engineering, to enter their credentials into a fake login page that is either embedded within the body of the email or part of a phishing website.  Once entered, the attacker has the details they need to log into your accounts and conduct illegal activity such as identity theft, credit card fraud, data theft, wire transfers and more.

Fake PayPal login pages were found to be the most common, numbering 11,000, however, Microsoft services had over 9,500 fake login pages.  Others with considerable numbers were Facebook at 7,500, eBay at 3,000 and Amazon at 1,500.

The greatest risk to corporate accounts is likely the Microsoft fake pages impersonating Office 365, One Drive, and SharePoint.

Why Is This Type of Phishing Successful?

This type of Phishing attempt is so successful because:

  1. Inattentiveness on the part of the recipients of these Phishing emails means they miss irregularities in the content and therefore consider them to be legitimate. They enter their credentials as requested and the attackers have what they want.
  2. These emails are making it past secure email gateways and spam filters because the email content is modified, creating sometimes hundreds of different versions of the same phishing email. Signature-based email security platforms fail to detect suspicious behavior once the spam emails are slightly modified.  Tactics such as this are also employed by the attackers to defeat the manual efforts of Security teams that are always working to take down fake login pages.

What can your organization do?

Ongoing employee testing and training to be alert to this type of activity is an important defense measure that all organizations should implement.  BSC Solutions Group offers such as service.  Learn more about it here.