Detecting Proxy-Based Phishing
I recently learned about a new sophisticated type of phishing scheme. Traditionally, a scammer looking to steal information from someone has to go through the effort of building a fake website to spoof the target site. These spoof sites aren’t usually very good copies, so a victim can spot that something is amiss and leave. The new trend, however, is to load the target site through a proxy server. The victim is, for the most part, interacting with the real target site, with a couple catches.
- The scammer can monitor whatever is submitted through forms on the site.
- The scammer can modify any content as they see fit.
Wow, scary right? A scammer could be hijacking your user’s info and you may never even be aware that the proxy exists.