The Latest Hack: Beware the Morphing Meerkat
Morphing Meerkat is spreading across the internet, and no, it’s not the latest Power Ranger. Discovered by researchers at Infoblox, Morphing Meerkat is a sophisticated phishing operation that impersonates popular email services like Gmail, Outlook, and Yahoo.
But how does Morphing Meerkat work, and how can you protect yourself? In this edition of The Latest Hack, we’ll break it all down.
Let’s get into it.
The Hack
Say it with us: “It starts with a phishing email.” Like most phishing emails, the email will look legitimate, often with a subject line like: “Action Required: Account Deactivation.” A sense of urgency is typical with these kinds of scams.
Once you click the link, you’re dragged through a maze of redirects – through ad networks, compromised WordPress sites, and more – designed to hide the scammer’s tracks and bypass security warnings. Eventually, you’ll be taken to a login page that looks identical to your email provider’s site, with your email address automatically filled in. But here’s the catch:
The page is fake.
The moment you enter your credentials, they’re stolen.
Why Morphing Meerkat Is Different
Morphing Meerkat is more advanced than your typical phishing attack. It customizes these fake login pages to match your provider through a behind-the-scenes system called DNS MX records. DNS MX records are like digital instructions that help route your emails to the right place. With this information, scammers can show you a fake login page that perfectly matches your usual email provider, making it almost impossible to detect.
To make matters worse, once your credentials are stolen, the scam seamlessly redirects you to the real login page. Everything then looks normal, leaving victims completely unaware that they’ve been compromised.
Security experts have reported that Morphing Meerkat sent thousands of spam emails to victims worldwide.
Hiding in Plain Sight
Morphing Meerkat is dangerous because it blends in so well. Most people don’t think twice about logging in to their email, but this phishing scam goes beyond just imitating login pages.
Security experts often inspect a webpage’s code to detect phishing attempts, using tools like the view source function (Ctrl+U). However, Morphing Meerkat disables these inspection methods, making it far harder for security teams to analyze and counteract the threat.
To make matters worse, the scam also automatically translates its phishing content into over a dozen different languages, including English, Spanish, Korean, and Russian. This means that the scam can reach more people worldwide, and the more people it targets, the higher its chances of success.
How to Stay Safe
Although phishing has become increasingly complex, there are still practical steps you can take to stay safe.
Pause and think before clicking – Many hackers use urgency to get their victims to click without thinking. By taking a few moments to think before you click you can avoid compromising your computer. Remember, if you have any doubt, don’t click it and reach out for help.
Enable multi-factor authentication – Enabling MFA on your email and other sensitive accounts will help keep your account safe if your login credentials end up compromised.
Use a password manager – A secure password manager won’t autofill your password onto fake websites. It also provides a safe and secure location for your passwords.
Keep your software updated – Keeping your email and security software up to date means having the latest protection while removing security vulnerabilities. Make sure you enable automatic updates so you don’t miss out.
Check URLs carefully – Phishing sites often use lookalike URLs that have minor inconsistencies, like typos or extra words.
Strengthen your DNS Security – Recommended by Infoblox, adding a strong layer of DNS security is more important than ever. Reach out to your security experts for this step.
Team Up With an MSP
Phishing has evolved. While staying vigilant and using basic prevention methods are still vital, these threats have become far more than most small to medium-sized business can handle alone. Without the right security measures, like advanced antivirus protection and continuous monitoring, spotting these scams before they do damage is nearly impossible.
That’s why partnering with a top-tier MSP like The20 MSP is more important than ever. We have the tools, expertise, and manpower to strengthen your security and keep you one step ahead of these threats. Plus, we offer cutting-edge training programs so your team can be informed on the latest scams targeting businesses like yours.
Don’t leave yourself open to hackers and threats like Morphing Meerkat – reach out, and let’s get you secured.
About The 20 MSP
As a leading provider of managed IT services, The 20 MSP serves thousands of businesses nationwide, including single and multi-location organizations, delivering white-glove service, secure and streamlined IT infrastructure, and 24/7/365 support. We believe in building lasting relationships with clients founded on trust, communication, and the delivery of high-value services for a fair and predictable price. Our client’s success is our success, and we are committed to helping each and every organization we serve leverage technology to secure a competitive advantage and achieve new growth.
