One of the goals of cybercriminals is to remain hidden for as long as possible. With the vast number of threat intelligence platforms available, there are many organizations always hunting for signs of nefarious activity. The longer criminal activity can remain off the radar, the greater the potential haul.
Big-name brands are big phishing targets. Why? Because they are well recognized by many consumers. When an email claims to be from Bank of America, even non-Bank of America consumers recognize the name. And familiarity breeds confidence, so users are more likely to click on links. So, when our Threat Detection Center recently encountered a Bank of America phishing email, we decided to look behind the scenes.
As we head into spring, leaving behind an eventful winter, the EdgeWave Threat Detection Center continues to see interesting approaches to bypassing traditional email security gateways. While it’s difficult to place them in the “campaign” category, it’s good to review some of these tactics as a reminder of how some “oldies but goodies” are still successful.
Cybercriminals using Microsoft Azure (and other public cloud infrastructures) is not new. The twist here is how Azure is being used as part of a Facebook workplace phishing campaign aimed at collecting user credentials.
A new year, and a new phishing technique. While it’s hard to qualify anything as truly “new”, it is always interesting to see the latest approach. This week the EdgeWave Threat Detection Center saw a dramatic increase in phishing email using EML attachments.
Looks like the criminal community needed a last-minute infusion of cash. Earlier today the EdgeWave Threat Detection Center saw the first samples of a Christmas-themed attack using an obfuscated VB macro within a Microsoft Word attachment.
This week the EdgeWave Threat Detection Center caught a very impressive phishing campaign spoofing Amazon. While this falls squarely within the “always be sure before you click” category, the apparent legitimacy is sure to catch enough users to make for a very happy holiday for at least one criminal group.
Our Threat Detection Center sees a lot of common phishing attempts, everything ranging from payroll to invoices to voicemails. Very often we see campaigns using fake “email failure” or “updates needed” as the call to action and to create a sense of urgency. This week we saw a well-crafted Office 365 “email failure” notification. By examining the full set of data, it’s easy to see why end users are so easily fooled.