{"id":10258,"date":"2018-06-11T10:44:37","date_gmt":"2018-06-11T10:44:37","guid":{"rendered":"http:\/\/www.esds.co.in\/blog\/?p=10258"},"modified":"2021-02-26T07:08:45","modified_gmt":"2021-02-26T07:08:45","slug":"d-mart-phishing-attack","status":"publish","type":"post","link":"https:\/\/www.esds.co.in\/blog\/d-mart-phishing-attack\/","title":{"rendered":"D-Mart Phishing Attack"},"content":{"rendered":"\n
\"\"<\/figure><\/div>\n\n\n\n

W<\/strong>ith each passing day, \nbusinesses are seeing more and more malicious emails in their inboxes \nwhich are turning out to be dangerous for their website and the users \nvisiting it. Phishing attacks are evolving due to new ways which are \nbeing used to lure a victim and take advantage of his\/her data. Phishing\n is an online attack and is disguised in an email so that the recipient \nis tricked to read the message and click on a link or provide bank \ndetails. Cyber-attacks dates back to the 1990s and it is still one of \nthe most widespread attacks with phishing messages and newer techniques.\n A lot of companies are targeted and many users have been falling victim\n to these attacks now-a-days.<\/p><\/p>\n\n\n\n

The most recent Phishing scam which has \nhit the social circuit is \u2018The D-Mart Anniversary Celebration\u2019 message. \nRenowned store in India, D-Mart has been the latest company to be hit by\n the scam as their name was used for this attack. The viral message was \nas follows:<\/p><\/p>\n\n\n\n

\u201cD-Mart is giving FREE INR 2,500 shopping voucher to celebrate its 17th anniversary, click here to get yours: <\/strong>http:\/\/www.dmart?ndia.com\/voucher<\/strong><\/a> , Enjoy. \u201c<\/strong><\/p>\n\n\n\n

This attack was a type of Homoglyph \nAttack where a deceptive link is circulated which has similarities of \nthe original domain name but the characters are changed, which almost \nlooks like the original domain name.<\/p><\/p>\n\n\n\n

In D-Mart\u2019s case, the URL which was used for Phishing is http:\/\/www.dmart?ndia.com\/voucher<\/a><\/strong> instead of the original URL which is http:\/\/www.dmartindia.com\/<\/a><\/strong><\/p><\/p>\n\n\n\n

Now if you will look closely, the \nattacker has replaced the letter \u201ci\u201d with \u201cI\u201d which is a letter used in \nalmost all Cyrillic alphabets.<\/p><\/p>\n\n\n\n

What exactly is a Homoglyph Attack?<\/strong><\/p>\n\n\n\n

A Homoglyph Attack is a way of deception\n to fool users using a phony domain and luring them to visit the website\n which possess the similarities of an original domain. This attack \ncontains script spoofing and homograph domain name spoofing \u2013 which \ncontains letters and numbers that look alike. When a user clicks on this\n link then the page is redirected to another website which will ask the \nusers for his\/her personal information along with payment details; this \nis where is the user falls victim to the attack.<\/p><\/p>\n\n\n\n

For example<\/strong>, a regular \nuser of example.com may be lured to click a link where \nthe Latin character \u201ca\u201d is replaced with the Cyrillic character \u201ca\u201d<\/p><\/p>\n\n\n\n

Recently Jet Airways was in news due to \nsuffering the same kind of attack but ESDS\u2019 web security scanner \nESDS VTMScan,<\/strong><\/a> detected these Phishing scams in both the cases by zeroing on \nits origins. Created by the Homoglyph Attack Generator, the link of the \nscam ad is a very smartly created cheat domain. If you have already \nopened such URL, then it would be better to change your passwords.<\/p><\/p>\n\n\n\n

How can we protect ourselves from Phishing Attacks?<\/strong><\/p>\n\n\n\n

These basic steps will ensure that you are safe and protected from Phishing attacks:<\/p>\n\n\n\n

  1. Being sensible when it comes to Phishing Attacks is more than enough\n to avert any kind of further disaster. Check you mails and smartly \nbrowsing online will definitely ensure that you are safe and far away \nfrom falling victim to any kind of Phishing attack.<\/li>
  2. Staying vigilant when you see a shortened link is also important \nbecause attackers use these kinds of links to trick you into thinking \nthat you are clicking on a legitimate link.<\/li>
  3. If any email you receive looks suspicious then it is better if you ignore it and delete before it causes any further harm.<\/li><\/ol>\n","protected":false},"excerpt":{"rendered":"

    With each passing day, businesses are seeing more and more malicious emails in their inboxes which are turning out to be dangerous for their website and the users visiting it. Phishing attacks are evolving due to new ways which are being used to lure a victim and take advantage of his\/her data. Phishing is an… <\/p>\n

    <\/div>\n

    Read More<\/a><\/p>\n","protected":false},"author":44,"featured_media":10340,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[1271],"tags":[1907,2021,1914,2016,2015,2569,1945,1959,1929],"class_list":["post-10258","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security-2","tag-cyber-attacks","tag-d-mart-phishing-attack","tag-esds-vtmscan","tag-homoglyph-attack","tag-homoglyph-attack-generator","tag-online-malware-scanner","tag-phishing-attacks","tag-phishing-scam","tag-web-application-security"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.esds.co.in\/blog\/wp-json\/wp\/v2\/posts\/10258","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.esds.co.in\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.esds.co.in\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.esds.co.in\/blog\/wp-json\/wp\/v2\/users\/44"}],"replies":[{"embeddable":true,"href":"https:\/\/www.esds.co.in\/blog\/wp-json\/wp\/v2\/comments?post=10258"}],"version-history":[{"count":4,"href":"https:\/\/www.esds.co.in\/blog\/wp-json\/wp\/v2\/posts\/10258\/revisions"}],"predecessor-version":[{"id":11786,"href":"https:\/\/www.esds.co.in\/blog\/wp-json\/wp\/v2\/posts\/10258\/revisions\/11786"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.esds.co.in\/blog\/wp-json\/wp\/v2\/media\/10340"}],"wp:attachment":[{"href":"https:\/\/www.esds.co.in\/blog\/wp-json\/wp\/v2\/media?parent=10258"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.esds.co.in\/blog\/wp-json\/wp\/v2\/categories?post=10258"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.esds.co.in\/blog\/wp-json\/wp\/v2\/tags?post=10258"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}