zvelo’s Phishing Detection systems leverage human-supervised machine learning and crowd-sourced continuous ActiveWeb monitoring in order to identify and track millions of active phishing URLs. Stay up to date and protect your networks and users with the latest targeted and “Zero-Minute” phishing URLs and campaigns.

Homograph Attack | Internationalized Domain Name Attack

What is an IDN Homograph Attack and How Do You Protect Yourself?

An internationalized domain name (IDN) homograph attack is a method of deceiving computer users about the remote computer they’re communicating with. It exploits the fact that many characters are homographs, meaning they look alike. Homographs allow a malicious party to create an IDN that appears very similar to an established domain, which can then be used to lure users to the new website.

2018 Stripe Phishing Scam - Fraudulent Login Landing Page

2018 Phishing Campaign Against Stripe Payment Processing Users

Over the years, cybercriminals have deployed increasingly sophisticated scams to deceive users of payment processing systems—particularly small and medium sized business owners—into compromising their accounts by unknowingly divulging account credentials. Here’s an example of a recent phishing campaign from Fall 2018 targeting Stripe users.

2018 Apple ID Phishing Scam

Increase in Mobile Phishing Scams Targeting Apple ID Users

A trend forming among newly identified phishing URLs shows bad actors sending fraudulent emails informing Apple ID users of outdated Apple ID information or problems with billing. The emails and internal links attempt to deceive Apple ID users into “verifying” account information. When the user proceeds to log in, the form handing over access credentials to their accounts.

Phishing Alert: Rejected Federal Tax Payment Scam

zveloLABS detected a suspicious-looking email purporting to come from the Electronic Federal Tax Payment System (EFTPS) of the U.S. Treasury Department. This email is fraudulent and claims that “Your Federal Tax Payment ID has been rejected.” The payment rejection is falsely attributed to the use of an invalid identification number. Here is an example of the actual phishing email (see image 01), followed by some observations that should raise red flags about its validity.