January 21, 2019

Fax Attack Incident Report.

A summary of malicious content identified by Perception Point’s platform.

Perception Point Incident Response Team

Explanation.

An analysis of an attempt attack identified by Perception Point’s platform.

Recently we detected an attempt to leverage a known service, EFax, which is often utilized by our client, to trick employees into clicking on a phishing link.  

How it works:

The user receives an email stating that he received a new fax message sent to him from a known company.  In order to see the file, he is required to click on the link in the email. When the user clicks on the link it forwards him to a malicious phishing site that asks the user to enter his credentials in order to see the file.

This technique is frequently utilized as there are multiple fax services that are legitimate and attackers are simply creating a similar subject line in order to confuse users and ultimately steal their credentials.

Fake mails.

Real mail.

Detection.

The attack was detected through a combination of our

  • Recursive Unpacker: Unpacks the email into smaller units to identify hidden attacks
  • Threat Intelligence engine: Combines several threat intelligence sources with our internally developed engine that scans URLs and files in the wild

Want to know more?

Contact Us.



Link has been copied to your clipboard!