URL-based phishing tricks users into providing sensitive information to hackers through fake links that imitate legitimate ones. We've been looking at some examples to show you how easy it is to impersonate--and how we use our AI to stop it.
The fraudulent website is cleverly designed with two pages that lure users into surrendering their password to the “MetaMask” crypto wallet. The next step is a Reset Wallet page that demands the victim to disclose Secret Recovery Phrases. The first submission to Virus Total was added 30 hours after Check Point’s detection.
Top indicators detected by ThreatCloud AI:
The ThreatCloud AI has detected several suspicious indicators, including a newly registered domain, anonymous registration, internal URLs that request resources from a variety of dubious sources such as iframes, and an IP address with a bad reputation.