Virtualization Technology News and Information
Article
RSS
Vade Develops New Method to Avoid Detection by Phishing Kits
Vade announced that it has been awarded a new patent by the US Patent and Trademark Office (USPTO). Vade's latest patented invention is a new method of preventing phishing kits from initiating defensive actions when examined by URL scanning technology.

This new method of subverting defensive actions from phishing kits is incorporated into all of Vade's products and paves the way for better phishing detection and prevention. "Vade's latest patent," said Sébastien Goutal, Chief Science Officer at Vade and co-inventor, "is part of our ongoing research and development strategy of identifying new attack techniques and developing innovative technologies to protect businesses and consumers."

Background on phishing kits

A phishing kit is an electronic package that contains a complete phishing website in an easy-to-deploy format. Phishing kits are commonly sold on the dark web and offered for sale by cybercriminal groups, either for a one-time-fee or as part of a subscription service. "In some cases," said Goutal, "phishing kit developers offer their kits for free but with a hidden backdoor. They can collect and sell the user credentials harvested by the wannabe fraudsters who deploy the kits."

Phishing kits have become more complex over time, and now include cloaking mechanisms to thwart URL scanning technology. To defend itself against detection from a security vendor, a phishing kit can detect an incoming HTTP connection, match the IP address to a security vendor, and trigger a defensive mechanism, such as returning a client or server error, or redirecting to legitimate webpages or search engines. These mechanisms can deceive a URL scanner and allow a phishing kit to go undetected, paving the way for a successful phishing attack.

Limiting phishing kits' defensive actions

Vade's invention is a method of determining the best scanning parameters by analyzing the electronic message that contains the malicious URL. These scanning parameters may then be used to scan a suspect URL with a reduced likelihood that a defensive action will be taken to hide the existence of the malicious content pointed to by the URL.

"Phishing kits are highly sophisticated and designed to trigger phishing pages only under certain conditions," said Goutal. "Not only does this help cybercriminals evade detection, but it also ensures that their content is displayed only to targeted users, such as those in certain countries or those using certain devices. This new technology helps us to identify without any delay a new phishing attack and quickly incorporate this threat intelligence collected into all our products and services."

Vade's newly patented technology is built into IsItPhishing.AI, Vade's web scanner. Threat intelligence gathered by IsItPhishing.AI is incorporated into all of Vade's products, including the Vade Filter Engine, Vade for M365, Vade Cloud, and Vade MTA Builder.

Published Wednesday, March 23, 2022 9:29 AM by David Marshall
Filed under: ,
Comments
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
Calendar
<March 2022>
SuMoTuWeThFrSa
272812345
6789101112
13141516171819
20212223242526
272829303112
3456789