Hackers have developed a new way of attacking Internet users' e-mail accounts by infiltrating the confirmation e-mails sent by websites after a user has registered. This technique, unveiled by cybersecurity researchers at Cisco Talos, poses a growing threat to Internet users.

How hackers hijack your online registrations

When a user registers on a site, the site sends a confirmation e-mail to the e-mail address given on the registration form. This e-mail generally contains a link that the user must click on to validate their registration. A post-registration e-mail is then sent.

Hackers use this function to disseminate malicious links. If the unwanted content is not detected by the website concerned, the malicious information is sent to Internet users via the post-registration email.

This information, hidden in e-mails from verified domain names, passes through traditional anti-spam filters and is therefore difficult to stop. 

To protect themselves, users should pay attention to the content of the emails they receive. If, for example, you receive an e-mail such as ‘Your subscription to the xxx newsletter’ when you have not tried to subscribe to a site recently, you can ignore the message or delete it immediately. 

When faced with a dubious e-mail, do not click on the links it contains or open the attachments. We recommend using a specialised tool to check the authenticity of the sender.

Source : phonandroid.com

Vanessa Ntoh