If many people can detect simple phishing emails these days, some attacks are very well crafted and also have built-in techniques not only to ensure that potential victims will fall into the trap but there is another aspect. From an attacker’s point of view, how to improve the quality of collected data?
I found multiple phishing pages that ask for passwords twice. When the victim submits his/her credentials, an error message is always displayed stating that the credentials are invalid. What's your reflex in such a case? You pay attention to what you type and you type slowly to avoid typos. When you submit your credentials for the second time, the attacker will record them, hoping they will be relevant!
This technique provides multiple advantages to the attacker:
Xavier Mertens (@xme)
Xameco
Senior ISC Handler - Freelance Cyber Security Consultant
PGP Key