Trap phishing is a type of phishing attack that capitalizes on human error to extract information or resources. Many people have suffered financial losses and reputational harm due to trap phishing, which is becoming increasingly more common these days.
Every week, our IR team reviews hundreds of emails and files intercepted and flagged by our system, analyzing new attack trends and sometimes intervening in real-time to remediate attacks. In this article, we share a few recent examples of interesting attacks hailing from different regions around the globe that our advanced email security solution prevented, which were then analyzed by the IR team.
Business Email Compromise, also known as BEC for short, is a type of cybersecurity threat that involves cyber attackers impersonating company owners or executives to trick employees into transferring large sums of money or revealing confidential data.
Phishing is cybercrime’s oldest threat and it continues to be one of the most trending attacks on individuals and organizations alike. In this blog post we discuss recent players on the cyberattack scene: script kiddies, and their methods that make phishing so easy, even for the inexperienced.
Hackers use several types of phishing techniques to steal information from your organization. Barrel phishing, also known as double-barrel phishing, is rapidly becoming more prominent and is targeting organizations worldwide.
Clone phishing is a subtle form of phishing and goes beyond traditional phishing attempts and is harder to identify. This article outlines the characteristics of clone phishing and how to prevent it from reaching your inbox and your organization.
Attackers are using a Microsoft verified app, abusing OAuth request links in order to gain full control of the victims’ mailbox. The spear phishing attack is specifically targeting CISOs and other administrator-level users in the organization.
Malware, or malicious software, is software designed to take charge or disrupt its victim’s computer or network infrastructure. In this blog, we’ll explain the challenges in detecting malware and how to prevent malware attacks with best practices and advanced technologies.
Ransomware, an advanced form of cyberattack, is one of the biggest threats that security teams around the world are facing. All organizations have become a target, from small teams to large enterprises, state systems and government networks.
Perception Point recently detected multiple high-volume phishing campaigns in which the attackers are using URL evasion and geofencing techniques while spoofing a variety of worldwide banking institutions, notably Standard Bank, Banco Bradesco, and Citizens Financial Group Inc.
In this sophisticated spear phishing campaign, attackers, using social engineering techniques, attempted to lure unsuspecting victims to enter their login credentials to fake login portals impersonating Microsoft, Gmail, WebMail, and WorldClient and were conducted en masse to achieve their goals.
This article investigates two distinct attack campaigns targeting cryptocurrency users that are currently trending at multiple organizations, and how phishing attacks are used to entice victims to download malware or provide their credentials.
Perception Point’s advanced email security service managed to intercept thousands of attack emails impersonating DocuSign, utilizing the Hancitor Malware. The following blog details this alarming attack.
Be aware. Attackers are impersonating legitimate brands, attaching to emails an HTML file containing a fake log-in page, intended for harvesting credentials. To complete the disguise, they finish with redirecting to the real brand website.
In this campaign, the attacker conceals malicious payload by deeply embedding it within multiple types of content and using different evasion techniques. Perception Point's IR team found loopholes and was able to backtrack his steps to understand his techniques.
Zoom is growing quickly, which is good and bad. Good because it makes it easy to work from home, and bad because it's a security risk. Once a log-in page is necessary (such as in Zoom)—a new loophole for stealing credentials is created.
A unique example of an Account Takeover (ATO): an “injected” email turns out to be an attempt to insert malware as part of a “normal” email correspondence. This is great evidence for the ultimate social engineering attack, showing how attackers are ever evolving, and that everyone needs account takeover protection.
Fake Alert! Attackers now phish for user's credentials using fake email and web pages of Microsoft Planner and Microsoft Teams. Read the full report to stay on top of the trend and see what you can do about it.
What happens if you take a pinch of social engineering, a grain of evasion, and throw some anonymization techniques into the mix? Well, a perfect recipe for phishing. Check this example to see how attackers try to lure end-users to act wrongfully.
Attackers are ever-improving. See how they learned to leverage SendGrid to gain from two main benefits: evading email security measures and improve their trial and error process to improve their attack success rate.
Perception Point’s platform intercepted a unique, 3-stage attack that uses multiple evasion techniques, in order to infiltrate the targeted organization. In this post, we will present the complex attack and how Perception Point’s unique engines prevented it.
Perception Point has once again discovered a new attack trend hitting our clients. Perception Point intercepted this new attack campaign through its Advanced Cloud Storage Security solution. In this attack, we will show how attackers are leveraging OneDrive in order to evade detection and take advantage of a new attack vector.
As the Coronavirus continues to keep organizations world wide working remotely, Perception point continues to see more and more “COVID-19” themed attacks. As always, they are improving in their sophistication and evasion. Below is an overview of 2 new attacks caught by our system, with an in-depth malware analysis of one of the campaigns
Today’s blog shows an interesting change in the way attackers act. Unlike previous incidents we published, this report lays out Coronavirus-themes attacks which are not originated from email but though other collaboration channels, such as cloud storage platform and files shared in internal networks. This shift demonstrates how attackers have been evolving and how they look for new ways into their targets.
Today’s report includes two attacks – a phishing using a spoofing technique and a malicious archived .exe file. Each of these attacks show how the attacker gathers intelligence on their targets. CISO’s and security experts must always be on top of the recent trends and make sure their security vendor knows how to stop these new attacks.