Phishing tactic attackers are using real-time checks to verify victims’ emails before stealing credentials. This method improves success rates while staying hidden.
A recent report highlights this new approach, called precision-validating phishing. Unlike bulk email scams, this attack targets only verified, active users.
Therefore, only victims on a pre-selected list reach the fake login screen. Others are redirected to a harmless website like Wikipedia.
This smart filtering happens through code inside the phishing page. The script checks whether the email entered is on the attacker’s list. If yes, the site moves to the password capture step.
Why This Tactic Works So Well
By confirming email addresses in real time, attackers waste less effort. Only valuable, valid accounts are targeted.
As a result, the credentials they steal are more likely to work. This increases the resale value of the stolen data.
Moreover, this method avoids detection. Automated crawlers or sandboxes can’t trigger the full phishing flow. Therefore, phishing kits using this tactic last longer.
Two-Path Phishing Also Emerges
Researchers also found a clever two-choice phishing setup. Victims receive a message about a file being deleted. The link appears to go to a file-hosting site.
Once the PDF is opened, users face two options: preview or download. However, both lead to trouble.
Previewing opens a fake Microsoft login page. Downloading drops malware disguised as a Microsoft OneDrive installer. In reality, it’s a remote access tool.
This trick forces users into action, making them more likely to fall for the scam.
Real Attacks, Real Access
Another report found a related threat actor using multiple tactics. This includes phishing via Microsoft Teams, remote access tools, and system commands.
They used well-known software to avoid suspicion. For example, TeamViewer was sideloaded with a malicious DLL file. A JavaScript backdoor was then installed.
This layered approach helps attackers gain access and stay inside systems longer.
How to Defend Against These Threats
To stay safe, organizations should take proactive steps:
- Use multi-factor authentication (MFA) to protect logins.
- Educate employees to spot phishing emails and suspicious links.
- Deploy email filters that block or flag fake file alerts.
- Monitor user activity for unusual access patterns.
- Test and update security systems against evolving phishing kits.
Phishing tactics like real-time email checks are growing smarter. However, awareness and layered defenses can stop these threats before they spread.
Sleep well, we got you covered.
