New Phishing Campaign Exploits Geo Targetly URL Shortener

Researchers have warned users about a new phishing campaign that exploits the URL shortener service Geo Targetly to lure victims. It empowers the attackers to wage a widespread phishing campaign aimed at different geo-locations.

Geo Targetly URL Shortener Phishing Campaign

According to a recent post from Check Point Research, their researchers discovered a new phishing campaign that exploits the Geo Targetly URL shortener.

Geo Targetly is a dedicated service for location-based advertising, enabling marketers to shorten their URLs according to the specified locations. For instance, clicking on a shortened URL will redirect the user to the respective market of its country, whereas someone in another part of the world would visit the web page as per that region.

Specifically, the attackers behind this campaign use the URL shortener to mask the links to their phishing web pages. Clicking The phishing emails impersonate various entities to trick users into opening the message. For instance, one such email had a subject line mentioning a subpeona for violating the road speed limit.

The emails are designed in the language of the citizens of the target country. Then, the Geo Targetly-shortened URLs for phishing websites redirect users to the fake sites accordingly.

Such customizability empowers the attackers to target users from different parts of the world in the same campaign.

The researchers have shared the details about the phishing campaign in their post.

Be Wary Of Phishing

One of the prime reasons phishing attacks remain successful even after multiple warnings and awareness alerts is the ever-evolving creativity of cybercriminals in designing their campaigns. Whenever they wish to target a specific group of users, they design near-real email messages, which are often difficult for an average user to detect.

Nonetheless, practising caution can always help users avoid such attacks. In this regard, the researchers advise users always to verify the website URLs for originality and double-check the site for legitimacy before sharing any data.

Let us know your thoughts in the comments.

Related posts

Google Cloud To Implement MFA as a Mandatory Feature

Opera Browser Vulnerability Could Allow Exploits Via Browser Extensions

Hard-Coded Credentials Vulnerability Found In Kubernetes Image Builder