Mobile Phishing Campaign Offered Free Flights

A campaign recently reported by Farsight Security involved an internationalized domain name (IDN) "homograph-based" phishing website that tricked mobile users into inputting their personal information. The suspected phishing websites presented as commercial airline carriers – specifically Delta Airlines, easyJet and Ryanair – and offered free tickets, fooling users with the age-old bait-and-switch technique. Users were asked to respond to a series of seemingly innocent questions and then share the free offer with 15 of their WhatsApp contacts before being directed to the URL where they could access the free tickets. After Farsight discovered the first suspected Delta phishing site, it immediately informed the company. According to Farsight researchers, the websites were optimized for mobile and failed to work smoothly on desktop, leaving mobile users as prime targets. It’s not unusual for phishing scams to use spoofed sites and homograph domains to fool unsuspecting users with trusted brand names. “Users, especially on smaller mobile screens, may not be paying close attention to the URLs or domain names of sites to verify their legitimacy,” said Dirk Morris, chief product officer at Untangle