Monday, May 5, 2025
HomeCyber AttackHackers Using Geotargeting Tools to Launch Attacks Targeting Specific Locations

Hackers Using Geotargeting Tools to Launch Attacks Targeting Specific Locations

Published on

SIEM as a Service

Follow Us on Google News

According to Avanan, a Check Point Software Company, hackers are employing geotargeting tools to tailor phishing attacks to certain regions.

Geo Targetly is a legitimate online service that offers its own URL shortening service, similar to Bitly, called Geo Link. Using this service, scammers can conduct specialized attacks based on the geography and language of the victim.

How are Threat Actors Improving Phishing Tactics By Geo-Targeting Websites?

According to the researchers, in this assault, visitors are redirected through the geo-targeting platform Geotargetly, where they are presented with personalized, regional phishing pages.

- Advertisement - Google News
Email Sent to Users in Colombia

Researchers say utilizing the user’s location, the tool is utilized to display advertisements. As a result, advertisements displayed to users in France would differ from those seen to users in the US. Hackers can now launch geo-specific phishing content and send their targets harmful emails that are regionally and linguistically tailored.

In the aforementioned example, the original email originates in Colombia, so if the user is in Colombia, they will be forwarded to a page that looks like it is from the Colombian government. This is how it goes:

https://lh4.googleusercontent.com/pdZxbYJ2HkZolnlQtpbnPmoXL-xc9xdjT4KVhT0H8RtMRNFxkwreSc2bZ29rCD4l0yQ-yIi_z7JCYL3YY06QhJVnhhiHnNzEb5Tzc40w7lXJWgr_50QL90ajMTWzoU0bZ6kq89oXmZJoJBlIsFO4AyY
Redirected to a Colombian government look-a-like page

“What is interesting is the ability for hackers to customize their attacks by region and to attack multiple users in multiple parts of the world at once”, Avanan researchers.

Hackers Utilizing the ‘Spray-and-Pray’ Method

The threat actors frequently use the ‘spray-and-pray’ method. Throw a lot of stuff at the wall and see what sticks the idea. Volume is the name of the game, and you’re hoping for a few occasional successful phishes.

“The ‘spray-and-pray’ method allows for the ability for hackers to target a large number of people at once, and ensure that it’s relevant, and localized. It’s spraying without the praying”, researchers explain.

In this case, a hacker can make a phishing link that takes users in a specific region to a fake login page that resembles the real one using the Geotargetly redirect. 

The likelihood that a user may fall for the assault is increased by this personalization. The content would be appropriate for their language and location, and the redirect is legitimate.

Hence, it is now more likely that ‘spray and pray’ tactics would succeed, enabling hackers to operate effectively on a worldwide scale.

Recommendations

Security experts can take the following precautions to protect themselves from these attacks:

  • Check URLs in email and in the browser before proceeding
  • Confirm with IT if the site is legitimate.

Network Security Checklist – Download Free E-Book

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Hackers Use Pahalgam Attack-Themed Decoys to Target Indian Government Officials

The Seqrite Labs APT team has uncovered a sophisticated cyber campaign by the Pakistan-linked...

LUMMAC.V2 Stealer Uses ClickFix Technique to Deceive Users into Executing Malicious Commands

The LUMMAC.V2 infostealer malware, also known as Lumma or Lummastealer, has emerged as a...

Hackers Selling SS7 0-Day Exploit on Dark Web for $5,000

A newly discovered dark web listing claims to sell a critical SS7 protocol exploit...

Chimera Malware: Outsmarting Antivirus, Firewalls, and Human Defenses

X Business, a small e-commerce store dealing in handmade home décor, became the latest...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

Hackers Use Pahalgam Attack-Themed Decoys to Target Indian Government Officials

The Seqrite Labs APT team has uncovered a sophisticated cyber campaign by the Pakistan-linked...

LUMMAC.V2 Stealer Uses ClickFix Technique to Deceive Users into Executing Malicious Commands

The LUMMAC.V2 infostealer malware, also known as Lumma or Lummastealer, has emerged as a...

Hackers Selling SS7 0-Day Exploit on Dark Web for $5,000

A newly discovered dark web listing claims to sell a critical SS7 protocol exploit...