Attack Trends

Rewriting Hysteria: Rising Abuse of URL Rewriting in Phishing

In recent months, threat actors have discovered a troubling new method to exploit URL rewriting, a feature intended to protect users by replacing links in emails. By manipulating these rewritten...
Attack Trends

Phishing by Design: Two-Step Attacks Using Microsoft Visio Files

Perception Point’s researchers have uncovered a new type of two-step phishing attack leveraging Microsoft Visio files (.vsdx) and SharePoint. These attacks embed malicious URLs in .vsdx format files to evade...
Attack Trends

You’re Invited: Rampant Phishing Abuses Eventbrite

In a new Eventbrite phishing campaign, threat actors misuse Eventbrite’s services to steal financial or personal information....
Attack Trends

Two-Step Phishing Campaign Exploits DocuSign’s Web Forms

In recent research, the Perception Point team uncovered a new wave of attacks abusing DocuSign's Web Forms—a feature designed for data collection and document management. ...
Attack Trends

Quishing 2.0: QR Code Phishing Evolves with Two-Step Attacks and SharePoint Abuse

In a new quishing campaign discovered by Perception Point’s security research team, threat actors took QR code phishing to a whole new level....
Industry Insights

Two-Step Phishing Campaign Exploits Microsoft Office Forms

Attackers are abusing Microsoft Office Forms to launch sophisticated two-step phishing attacks. Office Forms are now being leveraged by threat actors to trick targeted users into divulging their Microsoft 365...
Industry Insights

The Unstoppable Phish: Why Browser-Level Phishing Detection is Essential

In this blog, we'll delve into an example of browser-level phishing to illustrate this evolving threat....
Attack Trends

Behind the Attack: Live Chat Phishing

In this blog, we investigate a phishing attack that leverages the inherent trust we put in live chat support. ...
Attack Trends

A Deeper Look at Phishing Campaigns Combining URL Component Misuse & Homograph Attacks

In this blog, Roy Darnell, Director of Detection & AI at Perception Point, analyzes a phishing attempt caught in the wild that utilizes URL Component Misuse & Homograph Attacks, two...
Attack Trends

Nespress-Oh No! Phishing Attack Exploits Nespresso Open Redirect Vulnerability

This blog post delves into how a Nespresso domain is being misused to redirect victims, urging urgent actions leading to the theft of Microsoft credentials....
Industry Insights

Professionally Hooked: Microsoft Two-Step Phishing Campaign Targets LinkedIn Users

This blog highlights a new LinkedIn threat, one that combines breached accounts and an evasive 2-step phishing attack....
Attack Trends

Behind the Attack: Evasive HTML Spear Phishing

In this blog we investigate how an attacker uses HTML to conduct a spear phishing campaign and evade detection....