linkedin-phishing-abuses-adobes-ab-testing-platform
Phishing Campaign Targets Professionals Using Adobe A/B Testing Platform
A recently uncovered phishing campaign has been identified, leveraging a well-known service operated by Adobe to trick victims into divulging sensitive information.
The scheme begins with a seemingly innocuous email, masquerading as a routine business inquiry, accompanied by a signed contract for review.
Upon opening the attachment, recipients are presented with a familiar-looking login page, pre-populated with their own address. Upon submitting their credentials, the login details are secretly transmitted to a server controlled by the attackers.
- The deception employed by the perpetrators includes disguising the attached HTML file as a PDF document, utilizing double extensions to evade detection, and pre-filling the login form with the target’s actual address to create a sense of legitimacy.
- The attackers have opted to utilize Adobe’s infrastructure to carry out this operation. Instead of directing victims directly to their own servers, the phishing emails redirect them to Adobe Target, a genuine A/B testing platform hosted on the omtrdc.net domain.
- This approach serves multiple purposes; it renders the network traffic appear to originate from a trusted Adobe location, and it permits the attackers to monitor which victims successfully authenticated and entered their credentials.
- These phishing campaigns are designed to be highly scalable, making them particularly challenging to counter. Even vigilant users may fall prey to these tactics due to momentary lapses in attention.
- To mitigate such risks, experts recommend enabling multi-factor authentication for critical accounts and accessing accounts exclusively through official applications, websites, or bookmarks.
About Author
English