BYOB (Build Your Own Botnet) in action.
Attacks leveraging the BYOB framework for fraudulent activity in the wild has been around for a few years now. We believe that the cyber security community can expect to see much more of this as more “script kiddies” discover the BYOB tool. What is BYOB (Build Your Own Botnet)? In today’s cyber security world, the […]
How to Prevent Phishing Attacks
Learn about common phishing attacks, challenges in detecting phishing, and advanced technologies that will help organizations prevent phishing attacks.
How to Conduct a Phishing Attack in a 5 Easy Steps
Phishing is cybercrime’s oldest threat and it continues to be one of the most trending attacks on individuals and organizations alike. In this blog post we discuss recent players on the cyberattack scene: script kiddies, and their methods that make phishing so easy, even for the inexperienced.
BEC, Spear Phishing & Collaboration Examples in a single attack.
While it is a known fact that phishing, BEC, and collaboration-tool based attacks are becoming more and more prevalent, it is even more interesting to see all three trends within one attack. In the attack described below, we see BEC, Spear Phishing & Collaboration Examples and how the attacker combines common impersonation techniques with the […]
BEC Scams: Mimecast Spoofing
Learn about a BEC scam comprised of two layers: spoofing a user’s email address and a phishing attempt to get Office 365 log-in credentials.
BEC: You Have (Almost) Been Compromised!
Learn more about BEC (Business Email Compromise), an impersonation-based attack leveraging social engineering techniques.
Incident Report: A Combined Attack
Learn how we intercepted an email thread that combined popular attack vectors: impersonation, encrypted archive, and a malicious macro.
Campaign Alert: Call Me ASAP
Learn how attackers take an email address and insert it into the account name so users believes the site is legitimate in a recent campaign.
Incident Report: CV or Cyber Vector?
In this post we discuss how a cyber attack involving malicious macro code was disguised as a CV delivered via email.
Incident Report: Fibonacci Backdoor & Malicious Email
Learn how the Fibonacci backdoor infection process grants an attacker control to remotely execute commands through malicious email.
Incident Report: Fax Attack
Learn how a fax attack tricks employees into click on a phishing link by leveraging known cybersecurity service, EFax.
Incident Report: AP28 – Fancy Bear
In this post we discuss how Perception Point protects against highly advanced threats like APT28 (Fancy Bear).
Incident Report: Hijacked Email Account
In this post we discuss how the main aspect of hijacking is using a legitimate user’s email account in order to deliver malware.
Incident Report: Excel Macro Puzzle Attack
We discuss how attackers use a legitimate user’s email account and macro code to deliver malware as the response to an existing email thread.
