US-based fraud prevention company Arkose Labs has announced that its Bot Manager platform detects and alerts against ‘reverse proxy phishing’ attacks on customer websites.
Data on phishing attacks
According to the FBI Internet Crime Complaint Center (IC3), in 2022 phishing attacks were the number one internet crime, costing victims an estimated USD 52 million. New types of phishing attacks like Adversary-in-the-Middle (AITM) reverse proxy threaten to increase that number dramatically. Tools like EvilProxy are now readily available to cybercriminals as a service, making it easy to build phishing sites that steal authentication tokens and bypass multi-factor authentication (MFA).
How phishing attacks take place
Phishing attacks have evolved, with attackers tempting users to click on malicious URLs rather than attachments in 60% to 70% of cases. AITM reverse proxy attacks use fake websites designed to emulate legitimate sites such as a bank website. Users are driven to the fake site through a message and asked to log in. The fake site not only replicates the login process, it also includes a reverse proxy. When a user inputs their username and password, the fake site sends that information to the real bank's server, which triggers a one-time password (OTP) or PIN. With control of the proxy, the cyberattacker can extract credentials, including the OTP or PIN, and the cookie from the legitimate bank site, allowing them access to the user's account.
The team from Arkose Labs explained that phishing isn’t simply about domain block lists or analysing website contents anymore. Those methods might work against unsophisticated attacks, but new phishing attacks require a comprehensive security posture. Arkose Bot Manager beats attackers at their own game by forcing them to integrate Arkose into their fake pages with absolutely no effect on the user experience. With Arkose integrated, security teams can thwart a phishing attack and give the business data on the attackers—and unlike traditional phishing detection methods, Arkose Phishing Protection is able to detect and block malicious requests in real-time.
The Arkose Bot Manager
Arkose Bot Manager combines transparent detection with dynamic attack response to catch attackers early without disrupting the user experience. Arkose detection aggregates real-time device, network, and behavioural signals to spot hidden signs of bot and human-driven attacks, such as device and location spoofing. Once suspicious signals are detected, Arkose’s proprietary challenge-response technology separates the good users from the bad bots. New Arkose Bot Manager features include:
- Email intelligence that stops bots and bad actors from using fake or risky email addresses in attacks on online services and applications;
- Protection against next-generation phishing attacks, leveraging sophisticated anti-bot defense at login and non-legitimate site detection that provides businesses with visibility into traffic from non-primary domains. Arkose embeds a token in the legitimate web application or SDK. Each request dynamically verifies that the token has passed from the client to the server, causing sessions originating from a phishing website to fail;
- CDN integrations with major cloud providers and content delivery networks. These easy-to-configure integrations significantly reduce the effort and time to deploy Arkose Bot Manager on critical user flows and provide customers with several architectural options.
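The token check described in the phishing-protection item above can be illustrated with a generic origin-bound token. This is an added example, not Arkose's implementation or code from the article; the key, domain names, token layout and function names are all assumptions constructed for the illustration.

```python
import base64
import hashlib
import hmac
import json

# Constructed values for this example; none come from a real product.
SIGNING_KEY = b"constructed-demo-key"
PRIMARY_ORIGINS = {"https://login.examplebank.test"}
MAX_AGE_SECONDS = 120


def _sign(payload: bytes) -> bytes:
    return hmac.new(SIGNING_KEY, payload, hashlib.sha256).digest()


def issue_token(session_id: str, page_origin: str, now: int) -> str:
    """Detection side: bind the session to the origin the browser really loaded."""
    payload = json.dumps({"sid": session_id, "origin": page_origin, "iat": now}).encode()
    return ".".join(base64.urlsafe_b64encode(p).decode() for p in (payload, _sign(payload)))


def verify_login(token, session_id: str, now: int):
    """Application side: return (allowed, reason) for one login request."""
    if not token:
        return False, "missing_token"  # proxy stripped it, or page never ran the script
    try:
        payload_b64, tag_b64 = token.split(".")
        payload = base64.urlsafe_b64decode(payload_b64)
        tag = base64.urlsafe_b64decode(tag_b64)
    except ValueError:  # wrong part count or bad base64
        return False, "malformed_token"
    if not hmac.compare_digest(tag, _sign(payload)):
        return False, "bad_signature"
    claims = json.loads(payload)
    if claims["sid"] != session_id or now - claims["iat"] > MAX_AGE_SECONDS:
        return False, "stale_or_foreign_token"
    if claims["origin"] not in PRIMARY_ORIGINS:
        return False, "non_primary_origin:" + claims["origin"]  # visibility signal
    return True, "ok"


if __name__ == "__main__":
    good = issue_token("s1", "https://login.examplebank.test", now=1000)
    phish = issue_token("s2", "https://login.examplebank-secure.test", now=1000)
    print(verify_login(good, "s1", now=1010))
    print(verify_login(phish, "s2", now=1010))
    print(verify_login(None, "s3", now=1010))
```

A login relayed through a look-alike domain either carries a token naming that domain or carries no token at all, and both cases are rejected and can be logged for the security team.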
Arkose Bot Manager is the only bot management solution backed by two separate USD 1 million warranties. Building on the strength of its existing USD 1 million warranty against account take-over attacks, Arkose Labs today announced an additional USD 1 million warranty against SMS toll fraud attacks. Together, these warranties demonstrate the company’s commitment to deliver business impact, confidence, and ROI to its customers.