The HP report reveals a rise in cybercriminals using 'cat-phishing' to deceive users through open redirect vulnerabilities, leading to malware delivery. Through manipulating legitimate links, attackers target unsuspecting victims, making it hard to differentiate between safe and compromised sites. Notable campaigns like WikiLoader exploit trust in reputable websites, while Living-off-the-BITS technique abuses BITS and Ursnif malware returns in malicious spam campaigns
HP also highlights email threats evasion, document-based threats surpassing macros, and importance of defence-in-depth strategies. Expert insights stress on the limitations of detection-centric security, advocating for advanced technologies like AI to combat sophisticated 'cat-phishing' attacks effectively. https://www.hackread.com/hp-reports-cat-phishing-targeting-users/