This new “linkless” phishing scam is even tricking tech experts

The cybersecurity firm Sophos has observed two new phishing campaigns in the wild that use a new trick to help them avoid detection.

Email phishing scams typically employ a three-stage process to get potential targets to give up their credentials which begins with an email that contains a URL they want users to click through. Clicking on this link will bring potential victims to a fake login page where their credentials are harvested and then sent to another site where the cybercriminals behind the campaign will use them to takeover user accounts.

Source link