More targeted phishing attacks are being facilitated by the use of geotargeting tools, reports The Record, a news site by cybersecurity firm Recorded Future.
Threat actors have been leveraging Geo Targetly to redirect users to localized phishing sites, enabling simultaneous attacks on various users around the world, according to a report from Avanan.
"The redirect is legitimate and the content would be relevant to their language and region. In this example, the original email starts in Colombia, and so if the user is in Colombia, they will be redirected to a Colombian government look-a-like page. If they are in Argentina, they will be redirected to an Argentinian page. And so on," said Avanan researchers.
Geo Targetly has confirmed the exploitation of its Geo Link service in phishing attacks despite the implementation of various defenses against malicious activity.
"We are continuing to identify methods to detect such phishing URLs including the use of AI. Once we become aware of bad actors in our system we immediately disable their account including blocking their credit card to prevent any further payments," said a Geo Targetly spokesperson.