fbpx

Perception Point launches advanced browser security to eliminate web browser threats.

Attack Trends.

Stay ahead of the “attack waves” with in-depth analysis of key incidents and understand what’s trending among today’s malicious actors.

Has Your Account Been Taken Over?

In this blog post we discuss how account takeover (ATO) attacks occur and what you should look out for to spot them.

Behind the Attack: XML or HTML?

A new cyberattack disguises HTML phishing sites as XML files, allowing attackers to bypass and evade most detection platforms.

OneDrive, Many Malwares

Perception Point’s Incident Response team analyzes a recent malware attack targeting OneDrive.

Up Next: ATOs Takeover Universities

As an increasing number of universities are hit by account takeover attacks, it seems the educational sector may be the next trending target for cyber attackers.

Behind the Attack: Ransomware

Have you ever wondered about the intricacies of a ransomware attack? In this post we detail what goes on before, during, and after a ransomware campaign.

What is Spear Phishing?

Learn how spear phishing tricks users into providing confidential information and ways to protect yourself against it.

What is Trap Phishing?

Trap phishing is a type of phishing attack that capitalizes on human error to extract information or resources. Many people have suffered financial losses and reputational harm due to trap phishing, which is becoming increasingly more common these days.
Phishing Attack Examples to Watch Out For | Perception Point

Cyber Scams Know No Bounds

Every week, our IR team reviews hundreds of emails and files intercepted and flagged by our system, analyzing new attack trends and sometimes intervening in real-time to remediate attacks. In this article, we share a few recent examples of interesting attacks hailing from different regions around the globe that our advanced email security solution prevented, which were then analyzed by the IR team.

What is Business Email Compromise?

Business Email Compromise, also known as BEC for short, is a type of cybersecurity threat that involves cyber attackers impersonating company owners or executives to trick employees into transferring large sums of money or revealing confidential data.

How to Prevent Phishing Attacks

Learn about common phishing attacks, challenges in detecting phishing, and advanced technologies that will help organizations prevent phishing attacks.

How to Conduct a Phishing Attack in a 5 Easy Steps

Phishing is cybercrime’s oldest threat and it continues to be one of the most trending attacks on individuals and organizations alike. In this blog post we discuss recent players on the cyberattack scene: script kiddies, and their methods that make phishing so easy, even for the inexperienced.
laptop and code cve-2020-9971

What is Barrel Phishing?

Hackers use several types of phishing techniques to steal information from your organization. Barrel phishing, also known as double-barrel phishing, is rapidly becoming more prominent and is targeting organizations worldwide. 
hands on a laptop with clone phishing

What is Clone Phishing?

Clone phishing is a subtle form of phishing and goes beyond traditional phishing attempts and is harder to identify. This article outlines the characteristics of clone phishing and how to prevent it from reaching your inbox and your organization.
beware of malware

How to Prevent Malware Attacks

Malware, or malicious software, is software designed to take charge or disrupt its victim’s computer or network infrastructure. In this blog, we’ll explain the challenges in detecting malware and how to prevent malware attacks with best practices and advanced technologies.
ransomware attack on a computer

How to Prevent Ransomware Attacks

Ransomware, an advanced form of cyberattack, is one of the biggest threats that security teams around the world are facing. All organizations have become a target, from small teams to large enterprises, state systems and government networks. 

Insights Into an Excel 4.0 Macro Attack using Qakbot Malware

In this campaign, the attacker conceals malicious payload by deeply embedding it within multiple types of content and using different evasion techniques. Perception Point's IR team found loopholes and was able to backtrack his steps to understand his techniques.
foundr magazine ceo fraud

‘CEO Fraud’ Phishing Kit on the Rise

The Perception Point IR Team recently uncovered a new CEO Fraud phishing kit that leverages Backblaze, a cloud-storage tool, to host fake Office 365 login pages.
Slow email protection software

Slow Email Protection Software
Got You Down?

Protecting email is an absolute necessity to continuing business operations. Despite this necessity, however, many end-users find their email protection software takes too long to scan for threats.
Zoom cybersecurity

Zooming in on Zoom

Zoom is growing quickly, which is good and bad. Good because it makes it easy to work from home, and bad because it's a security risk. Once a log-in page is necessary (such as in Zoom)—a new loophole for stealing credentials is created.

New Wave of Malicious
Excel 4.0 Macros

Excel 4.0 macros have been here for almost three decades, but this year, attackers have found new ways to weaponize them. It’s bad news for companies that still rely on this legitimate functionality.
equation on whiteboard barrel phishing

“Accept Phishing Message” – The SendGrid Scheme

Attackers are ever-improving. See how they learned to leverage SendGrid to gain from two main benefits: evading email security measures and improve their trial and error process to improve their attack success rate.
clone phishing attack

The Triple Trouble: 3-Stage Phishing Attack.

Perception Point’s platform intercepted a unique, 3-stage attack that uses multiple evasion techniques, in order to infiltrate the targeted organization. In this post, we will present the complex attack and how Perception Point’s unique engines prevented it.

Faking a Bank: Attackers Target Chase Bank Customers

Perception Point has identified attempts to phish Chase clients. Read this short blog to see how the attacker tried to impersonate to a prominent bank and how Perception Point prevented these attacks.
dispensing department onedrive account

New cyber campaign leveraging OneDrive.

Perception Point has once again discovered a new attack trend hitting our clients. Perception Point intercepted this new attack campaign through its Advanced Cloud Storage Security solution. In this attack, we will show how attackers are leveraging OneDrive in order to evade detection and take advantage of a new attack vector.

Phishing Campaign Trend: Microsoft Teams.

In the following incident, it is very interesting to see how the attackers have improved their messaging and framework significantly to try trick the end-users.…

COVID-19 – Update on New Cyber Campaigns.

As the Coronavirus continues to keep organizations world wide working remotely, Perception point continues to see more and more “COVID-19” themed attacks. As always, they are improving in their sophistication and evasion. Below is an overview of 2 new attacks caught by our system, with an in-depth malware analysis of one of the campaigns

The Salesforce Loophole.

Overview. Today we present a blog that combines two main trends: (i) The use of collaboration channels to spread malware (Salesforce) and (ii) The increase…

COVID-19 – When the Virus Spreads to New Channels.

Today’s blog shows an interesting change in the way attackers act. Unlike previous incidents we published, this report lays out Coronavirus-themes attacks which are not originated from email but though other collaboration channels, such as cloud storage platform and files shared in internal networks. This shift demonstrates how attackers have been evolving and how they look for new ways into their targets.

COVID-19 – Update on New Cyber Campaigns.

Today’s report includes two attacks – a phishing using a spoofing technique and a malicious archived .exe file. Each of these attacks show how the attacker gathers intelligence on their targets. CISO’s and security experts must always be on top of the recent trends and make sure their security vendor knows how to stop these new attacks.

COVID-19 – Update on New Cyber Campaigns.

Perception Point continues to see more coronavirus-themed attacks, which seem to continuously increase by the day. Some of these campaigns have added new levels of…
command lines website spoofing

Phishing Alert: GitHub Website Spoofing.

Over the last few days, Perception Point’s system has detected an increasing number of incidents that are attempting to steal GitHub user credentials. In this specific attack…

COVID-19 – Update on New Cyber Campaigns.

Perception Point continues to see more coronavirus-themed attacks, which seem to increase in quantities and improve in quality, by the day. In the following update…

COVID-19 Malware Attacks

In this blog we provide COVID-19-themed cyberattack examples, focusing on COVID-19 malware attacks and phishing attempts.
doctors phishing campaigns

COVID-19 Phishing Campaigns Alert

In this post, we discuss some of the COVID-19 phishing campaigns caught by our anti-phishing engine and analyzed by our IR team.
face masks bec scams

BEC Scams: Mimecast Spoofing

Learn about a BEC scam comprised of two layers: spoofing a user’s email address and a phishing attempt to get Office 365 log-in credentials.
sharks g suite account

Campaign Alert: G Suite Phishing

Learn how Perception Point detected a widespread phishing attack campaign by noticing the common factor of G Suite account tools usage.
guy with mask attack vectors

Incident Report: A Combined Attack

Learn how we intercepted an email thread that combined popular attack vectors: impersonation, encrypted archive, and a malicious macro.

Statement of Account Email Attack

Learn about the widespread attack in which users first receive an email from an external source requesting an updated Statement of Account.
old phones phishing site

Campaign Alert: Call Me ASAP

Learn how attackers take an email address and insert it into the account name so users believes the site is legitimate in a recent campaign.
paper stack phishing mail

Incident Report: Fax Attack

Learn how a fax attack tricks employees into click on a phishing link by leveraging known cybersecurity service, EFax.
beach phishing technique

Incident Report: Trick or Treat

In this post we discuss a phishing technique that tricks users into thinking an image of the attached file can be opened in snapshot mode.

Malicious Macro Commands

This incident analysis report provides a detailed understanding of an attack and the damage that macro commands could have caused. Read more.

TALK TO SALES

Ready to Try
Perception Point?