According to a recent report by cybersecurity firm BlueVoyant, the proportion of “third-party phishing” attacks, which use a middleman interface to gain the trust of victims and steal their data, has increased nearly tenfold in one year. To reduce risks and prevent harm, experts recommend education and close monitoring.

In recent months, many users in Hungary have encountered phishing attempts using an intermediary interface in cyberspace, even if they did not know that this was a new type of method, more sophisticated than ever before. Attackers usually try to lure their victims to some online marketplace. They pretend to want to buy the product, but in reality they lure the seller to a phishing page, where they try to get him to provide his personal information or bank card details, or allow access to his Internet bank, by copying the appearance of the website of a major bank, BlueVoyant experts explain.

This is what cybersecurity experts call a “third-party phishing” attack, when cybercriminals pretend to be a third party and try to scam users of an organization, usually a financial institution. According to a recent report by BlueVoyant, the number of incidents of this type has increased dramatically, affecting a wide range of industries, from financial institutions to e-commerce and shipping to the telecommunications and government sectors. According to the experiences of one of the cybersecurity company’s large European clients, while last year this method accounted for only 2 percent of phishing cases, by 2023 this percentage has already risen to 21 percent.

See also  Hyundai Ioniq 5 photo preview

An old trick with a new twist

This type of attack was first identified in 2020, and today it has spread around the world, as it is much more effective than “traditional” phishing. In this way, attackers can cast a wider “net”, i.e. they can target a larger number of users, so the potential prey is also larger. In addition, this method is so complex and sophisticated that it is easier to deceive unsuspecting customers than a simple email sent in the name of the bank, which nowadays raises suspicions among more and more users.

According to BlueVoyant’s analysis, attackers are targeting customers of hundreds of global financial institutions through middleman websites impersonating a trusted brand. It is often deceptively similar to the original in appearance and domain name. In this way, cybercriminals take an additional step compared to “traditional” phishing and impersonate a seemingly independent company. This makes it easier for them to avoid detection while collecting credentials and personal information from customers of many companies. They then collect the data they receive and either use it themselves for illegal activity or sell it.

According to BlueVoyant data, the attack method is used around the world, but spoofed “third-party” sites vary by region. In Europe and the United Kingdom, attackers commonly impersonate postal service providers, e-commerce platforms, tax payment platforms, mobile phone providers, and government agencies. In the United States and Canada, shipping companies and e-commerce sites were the most common “digital disguises,” while logistics companies and government sites were also used in fraud in the Asia-Pacific region. The common point is that in all cases, financial institutions are targeted by them, and customers are directed to sites that imitate them.

The Hungarian cases provided a lot of information to the cyber defense company’s experts. At a large local bank, they noticed that their customers were being targeted by fake pages of e-retailers and parcel delivery companies. By examining these cases, they gained important information about the attackers, their methods, and the infrastructure behind them.

The fact that attackers do not target financial institution customers directly, but rather use an intermediary interface, further complicates the defense. Therefore, it is particularly important to reduce risks that companies in all relevant sectors educate their users, customers and employees about new types of attacks, says the expert council.

In addition, it also effectively reduces the risk if companies continuously monitor the Internet – or have a cybersecurity service provider – after unauthorized use of similar domains or similar brand elements, and then remove the identified malicious domains as soon as possible.

See also  University of Miskolc | Innovation Opportunities to Create a Circular Economy – Circletech Workshop

If you want to know about similar things at other times, like it HVG Tech Department Facebook page.


In addition to diverse, independent and factual information, our readers who join Pártoló membership can also enjoy a number of benefits for their financial support.
Depending on your membership level, we offer, among others:

  • We send you an exclusive weekly digest of interesting things in the world;
  • You can get an insight into HVG’s work, and you can meet our authors;
  • You can participate in previews of the latest films, in various events;
  • You can purchase HVG books and publications at a discount;
  • You can read hvg360 digital news magazine.