THE 2024 STATE OF PHISHING REPORT IS PUBLISHED! READ THE REPORT HERE

Solutions
Solutions
By Channel

Read the company overview to learn more about how Perception Point provides unparalleled prevention of advanced cyber threats across all attack vectors.

Email
Email

Advanced Email Security

Internal Emails

Outbound Email Security

Security Awareness Training

Download this complimentary Gartner report.

Web Browser
Web Browser

Risky Access

Sensitive Access

Download the Advanced Browser Security solution paper.

Cloud Collaboration
Cloud Collaboration

Cloud Collaboration Apps

Business Communication

Cloud Storage

Read the brochure to learn more about Advanced Cloud Collaboration Security.

Web Apps & File Uploads

Check out the solution paper on Advanced Threat Protection for Web Apps.

By Platform
By Platform

Microsoft 365

Google Workspace

Salesforce

AWS S3

Zendesk

Read this case study to see how we helped a high-tech enterprise secure 3 collaboration channels: MS Teams, OneDrive, and SharePoint.

By Attack Type
By Attack Type

Phishing Prevention

Quishing Prevention

BEC Prevention

Account Takeover Prevention

Malware Detection

Zero-days & N-days Detection

Read the company overview to learn more about how Perception point provides unparalleled prevention of all attacks across email, web browsers and cloud collaboration apps.

Detection Technology
Detection Technology

AI Threat Prevention

HAP – Next-Gen Sandbox

Anti-Evasion Technology

Read the company overview to learn more about how Perception point provides unparalleled prevention of all attacks across email, web browsers and cloud collaboration apps.
Services
Services
Incident Response

The X-RAY

Reporting

End User Reporting

More Services
Learn more about Perception Point’s Managed Service.
Partners
Partners
Partnerships
Partnerships

Channel Partners

MSP/MSSP Partners

Technology and Alliance Partners
Technology and Alliance Partners

Microsoft

AWS

Salesforce

SentinelOne

Crowdstrike
Learn more about the Perception Point Partner Program. Protect your customers from all threats across top attack vectors with one platform.
Resources
Resources
Guides
Guides

BEC

Browser Security

BYOD

Cloud Storage Security

Cybersecurity

Email Security

Endpoint Security

Incident Response

Malware

Phishing

Ransomware

Zero Trust

Blog

Keep up with Perception Point’s updates and new offerings on our blog, here.

Case Studies

Learn how Red Bull augmented Microsoft EOP to prevent attacks in the case study, here.

Datasheets

Access the datasheet to learn about the use cases, technical specifications, and the key features of our Security Browser Extension

White Papers

Download this whitepaper to learn how today’s digital-first enterprises can protect themselves against advanced threats.

Reports

Download the 2023 Gartner Market Guide for Email Security.

Webinars

Check out our webinar in cooperation with Forrester — “Rethinking Email Security: Why Traditional Approaches Fail and Why You Can’t Afford to Ignore it”

eBooks

Download this ebook to get a thorough overview of the most current email security challenges and how to mitigate them through best practices.

Brochures

Reach this brochure to learn how Advanced Email Security combines cutting edge threat prevention with the speed, scale and flexibility of the cloud.

ROI Calculator

Use this calculator to assess the potential benefit of deploying Perception Point with just 3 variables. We will do the rest for you.

Checklist

Are you managing a remote team? Download this IT Checklist to make sure you’re organization is secure.
Company
Company
About Us

News

Press

Events

Careers
Read the company overview to learn how Perception Point provides unparalleled prevention of all attacks across email, web browsers and cloud collaboration apps.

Perception Point » Blog » Attack Trends » Beware: 4 Advanced Attack Examples You Should Know About

October 3, 2022

Beware: 4 Advanced Attack Examples You Should Know About

In this post we cover four advanced attack examples you should look out for.

Perception Point Marketing

Our Incident Response team sees hundreds of attack types a day. In this blog post we round up four real-life advanced attack examples ranging in technique, industry, targets, and goals. While these attacks may all be different, they each share a similar malicious intent to exploit unsuspecting users. Keep reading to learn more.

1. Thread Hijack

In this first advanced attack example, a threat actor leverages vendor email compromise (VEC) to steal $50k from a CFO in the energy industry.

The attacker begins by creating a look-alike email address belonging to one of the target’s known vendors. The fake address differs from the legitimate one by just a letter, barely noticeable, and the real email address appears as the sender’s name in order to deceive the victim. With the deceptive address, the attacker then makes their move, hijacking an existing email thread between the vendor and the victim. The victim assumes that the vendor is continuing the thread, innocently asking to update their banking details. In reality, it is the attacker that has requested the change.

Perception Point’s advanced threat detection platform identified the correlation between the fake address and the original one, recognizing the message as a spoofing attempt. Furthermore, the content of the email asking for financial details raised additional flags, preventing the email from making its way to our customer’s inbox, thus preventing a successful VEC attack.

Figure 1: The thread hijack email

Watch this video to see how Perception Point intercepts thread hijacking attacks

2. Gift cards gave it away

Next up is a familiar business email compromise (BEC) attempt. The attacker poses as a C-level employee in the automotive industry, asking a lower-level employee to purchase gift cards. This is a classic attack that we know all too well. Here’s how it happens:

An attacker creates a fake Gmail account under an executive’s user’s name.
The attacker sends an employee a request to purchase gift cards, via the fake email address.

If there are little to none advanced detection and protection mechanisms in place, then the attacker dupes the employee and disappears with the gift cards. In this case, content-based rules within our platform detected the gift card request and blocked the message, identifying it as an impersonation of an executive within the organization.

TIP: If you receive an email from a superior asking you to purchase gift cards, maybe call them to confirm before you become the next victim in this popular BEC scam.

Figure 2: The impersonation email

3. Compromised vendor goes phishing

This attack combines a few classic techniques, including account takeover (ATO) and phishing.

A vendor’s mailbox is compromised during an account takeover attack. The attacker uses the vendor’s account to execute a large phishing campaign. This attack utilizes a 2-step phishing approach, meaning that the target is redirected before being asked for their credentials.

The user receives an email from a trusted vendor, unaware that the vendor has been compromised. This adds another layer of legitimacy, as the user has nothing to suspect about the real identity of the sender. The attacker sends a fake invoice PDF attachment to the user. The document is hosted on Google Drive and contains a concealed shortened link. Once the user clicks on the PDF, they are redirected to a spoofed login page and asked to enter their details in order to see the document. Here, the attacker attempts to steal the user’s credentials.

Figure 3: The compromised vendor’s email

To the untrained human eye, it is very easy to fall prey to such an attack. However, a next-gen detection platform can unpack embedded attacks like these, uncovering any attempt to evade detection.

Figure 4: The spoofed login

4. Multi-level malware

This last advanced attack example involves a malware campaign targeting users in the hospitality industry with the aim of remote access control.

An advanced persistent threat (APT) group managed to hijack a hotel’s domain, using it as a legitimate source to deliver malicious payloads. The advanced threat we caught starts with an email, in which the sender requests help from our client. The email directs the recipient to a booking link, which actually auto downloads a ZIP file with LNK.

Figure 5: The compromised hotel email

The LNK file launches and the attack chain begins, leading to AsyncRAT. AsyncRAT is a remote access trojan (RAT) designed to remotely monitor and control other devices through a secure encrypted connection.

Figure 6: The attack chain

Our platform identified this malicious behavior with static and dynamic analysis, stopping the attack before the attacker had a chance to harm our client.

Now what?

As you can see from these examples, advanced attacks come in all shapes and levels of complexity. Attackers continue to find new and sophisticated ways to exploit innocent users. Awareness is the first step to mitigate you and your organization’s risk. However, to be truly protected we recommend finding a holistic solution that is able to isolate, detect, and remediate any threat on any channel.

Learn more about how to best defend your organization against advanced threats here.

Don't miss out on any industry updates.

Sign up for our newsletter!

TALK TO SALES

Ready to Try
Perception Point?

Learn More

Beyond Add-Ons: Elevating Browser Governance Against Malicious and Risky Extensions

Nespress-Oh No! Phishing Attack Exploits Nespresso Open Redirect Vulnerability

This blog post delves into how a Nespresso domain is being misused to redirect victims, urging urgent actions leading to the theft of Microsoft credentials.

Professionally Hooked: Microsoft Two-Step Phishing Campaign Targets LinkedIn Users

This blog highlights a new LinkedIn threat, one that combines breached accounts and an evasive 2-step phishing attack.

Behind the Attack: Evasive HTML Spear Phishing

In this blog we investigate how an attacker uses HTML to conduct a spear phishing campaign and evade detection.

Evolving Email Security with Embedding Space and AI-powered Subject Analyzer

Perception Point has developed “Subject Analyzer,” an NLP model that classifies email subjects to maximize detection of threats and spam.

Operation PhantomBlu: New and Evasive Method Delivers NetSupport RAT

A malware campaign employs new TTPs and behaviors to evade detection and deploy NetSupport RAT.