New Phishing Technique and Malware Threats Identified in 2025 Security Analysis

According to BlockBeats, SlowMist released its security incident analysis for the fourth quarter of 2025, highlighting a new, more covert phishing technique. This method allows users to be redirected to phishing sites even when they manually enter the correct official domain name. Victims have reported that despite entering the correct address, their browsers automatically complete it with a counterfeit domain created by attackers. This issue is not due to user error but rather because attackers have polluted the browser's history through ads, social media guidance, or fake announcements. Once the phishing domain is stored in the browser's autocomplete logic, users are redirected to a fake site that closely resembles the official website. Additionally, there is a resurgence in computer malware attacks. Attackers often use phishing links, private messages in social tools, or so-called "resource downloads" to quietly implant malicious programs into users' local environments. Once a device is infected, data related to wallets is at risk.