Attack Trends
Rewriting Hysteria: Rising Abuse of URL Rewriting in Phishing
In recent months, threat actors have discovered a troubling new method to exploit URL rewriting, a feature intended to protect users by replacing links in emails. By manipulating these rewritten...
Attack Trends
Phishing by Design: Two-Step Attacks Using Microsoft Visio Files
Perception Point’s researchers have uncovered a new type of two-step phishing attack leveraging Microsoft Visio files (.vsdx) and SharePoint. These attacks embed malicious URLs in .vsdx format files to evade...
Attack Trends
You’re Invited: Rampant Phishing Abuses Eventbrite
In a new Eventbrite phishing campaign, threat actors misuse Eventbrite’s services to steal financial or personal information....
Attack Trends
Two-Step Phishing Campaign Exploits DocuSign’s Web Forms
In recent research, the Perception Point team uncovered a new wave of attacks abusing DocuSign's Web Forms—a feature designed for data collection and document management. ...
Attack Trends
Quishing 2.0: QR Code Phishing Evolves with Two-Step Attacks and SharePoint Abuse
In a new quishing campaign discovered by Perception Point’s security research team, threat actors took QR code phishing to a whole new level....
Industry Insights
Two-Step Phishing Campaign Exploits Microsoft Office Forms
Attackers are abusing Microsoft Office Forms to launch sophisticated two-step phishing attacks. Office Forms are now being leveraged by threat actors to trick targeted users into divulging their Microsoft 365...
Industry Insights
The Unstoppable Phish: Why Browser-Level Phishing Detection is Essential
In this blog, we'll delve into an example of browser-level phishing to illustrate this evolving threat....
Attack Trends
Behind the Attack: Live Chat Phishing
In this blog, we investigate a phishing attack that leverages the inherent trust we put in live chat support. ...
Attack Trends
A Deeper Look at Phishing Campaigns Combining URL Component Misuse & Homograph Attacks
In this blog, Roy Darnell, Director of Detection & AI at Perception Point, analyzes a phishing attempt caught in the wild that utilizes URL Component Misuse & Homograph Attacks, two...
Attack Trends
Nespress-Oh No! Phishing Attack Exploits Nespresso Open Redirect Vulnerability
This blog post delves into how a Nespresso domain is being misused to redirect victims, urging urgent actions leading to the theft of Microsoft credentials....
Industry Insights
Professionally Hooked: Microsoft Two-Step Phishing Campaign Targets LinkedIn Users
This blog highlights a new LinkedIn threat, one that combines breached accounts and an evasive 2-step phishing attack....
Attack Trends
Behind the Attack: Evasive HTML Spear Phishing
In this blog we investigate how an attacker uses HTML to conduct a spear phishing campaign and evade detection....
