What is Spear Phishing?

Learn how spear phishing tricks users into providing confidential information and ways to protect yourself against it.
Cyber Scams Know No Bounds

Every week, our IR team reviews hundreds of emails and files intercepted and flagged by our system, analyzing new attack trends and sometimes intervening in real-time to remediate attacks. In this article, we share a few recent examples of interesting attacks hailing from different regions around the globe that our advanced email security solution prevented, which were then analyzed by the IR team.
How to Prevent Phishing Attacks

Learn about common phishing attacks, challenges in detecting phishing, and advanced technologies that will help organizations prevent phishing attacks.
How to Conduct a Phishing Attack in a 5 Easy Steps

Phishing is cybercrime’s oldest threat and it continues to be one of the most trending attacks on individuals and organizations alike. In this blog post we discuss recent players on the cyberattack scene: script kiddies, and their methods that make phishing so easy, even for the inexperienced.
An Insider’s View into Blocking Email Threats

The Importance of Blocking Crypto Viruses, Threats, and Attempted Phishing Attacks
Phishing Scams Hosted on Free Website and Form Building Tools Increases

With the abundance of free website building tools available, it’s easier than ever for attackers to mimic legitimate brands by building fake log-in pages. And that’s exactly what’s been happening.
BEC, Spear Phishing & Collaboration Examples in a single attack.

While it is a known fact that phishing, BEC, and collaboration-tool based attacks are becoming more and more prevalent, it is even more interesting to see all three trends within one attack. In the attack described below, we see BEC, Spear Phishing & Collaboration Examples and how the attacker combines common impersonation techniques with the […]
On-brand Phishing: When Attackers Use Your Assets Against You

A detailed, to-the-point analysis of the most phished brands in email attacks and the importance of asset-based protection as c. 50% of attacks are actually related to the targeted company and its stakeholders.
Top 4 Phishing Tricks for September-October 2020

Stay up to date with the latest phishing trends and tricks. We now focus on 4 points that can surely help you be prepared for the next attack.
The Fake Collaboration: Phishing Microsoft Planner and Teams

Fake Alert! Attackers now phish for user’s credentials using fake email and web pages of Microsoft Planner and Microsoft Teams. Read the full report to stay on top of the trend and see what you can do about it.
A Phishing Link, Some Social Engineering and Evasion – The Foremost Recipe for Cybertheft

What happens if you take a pinch of social engineering, a grain of evasion, and throw some anonymization techniques into the mix? Well, a perfect recipe for phishing. Check this example to see how attackers try to lure end-users to act wrongfully.
The Triple Trouble: 3-Stage Phishing Attack.

Perception Point’s platform intercepted a unique, 3-stage attack that uses multiple evasion techniques, in order to infiltrate the targeted organization. In this post, we will present the complex attack and how Perception Point’s unique engines prevented it.
Faking a Bank: Attackers Target Chase Bank Customers

Perception Point has identified attempts to phish Chase clients. Read this short blog to see how the attacker tried to impersonate to a prominent bank and how Perception Point prevented these attacks.
Phishing Campaign Trend: Microsoft Teams.

In the following incident, it is very interesting to see how the attackers have improved their messaging and framework significantly to try trick the end-users. Just in the design there are several aspects to point out that are used to lure the end-user to follow the path as set by the attacker: Display name spoofing: […]
The State of Mind of Being #1.

Why Perception Point Topped SE Labs’ Independent Email Security Testing.
Perception Point Receives Top Overall Ranking in SE Labs Independent Testing.

After testing a range of email hosted protection services, Perception Point wins SE Labs
Email Security Services Protection Award
Phishing Attempt Using Slack Referrer URL.

In this update, we will show how attackers are leveraging Slack referrer URL in order to lead victims to phishing pages, thus evading legacy solutions.
COVID-19 – Update on New Cyber Campaigns.

As the Coronavirus continues to keep organizations world wide working remotely, Perception point continues to see more and more “COVID-19” themed attacks. As always, they are improving in their sophistication and evasion. Below is an overview of 2 new attacks caught by our system, with an in-depth malware analysis of one of the campaigns
COVID-19 – The Microsoft Excel Puzzle.

The following attack presented in this report is only one of many our system has prevented in the last couple of weeks. It is now being used extensively in COVID-19 campaigns. In this example, we show how the malware operates and present the execution chain. We welcome you to contact us to discuss this attack […]
New Phishing Campaign: “Remote-work” VPN Installation.

Overview. Due to the sudden remote-work situation, IT teams are deploying VPN’s for all their employees in order to ensure business continuity. VPN is one of the necessities of almost every company, even more so now. Attackers understand this new situation and as a result, are using it to their advantage. The attacker sends an […]
COVID-19 – Update on New Cyber Campaigns.

Perception Point continues to see more coronavirus-themed attacks, which seem to continuously increase by the day. Some of these campaigns have added new levels of complexity, such as the use of evasion techniques, as well as evolving with the attack story line itself. In the following update we collected three new attack campaigns and one […]
COVID-19 Phishing Campaigns Alert

In this post, we discuss some of the COVID-19 phishing campaigns caught by our anti-phishing engine and analyzed by our IR team.
Anti-Phishing Software – A Growing Necessity for Google Services

In this blog, we will show how attackers take their creativeness to the next level by leveraging Google services in order to orchestrate new types of phishing attacks.
Campaign Alert: G Suite Phishing

Learn how Perception Point detected a widespread phishing attack campaign by noticing the common factor of G Suite account tools usage.
Campaign Alert: Call Me ASAP

Learn how attackers take an email address and insert it into the account name so users believes the site is legitimate in a recent campaign.
Incident Report: Trick or Treat

In this post we discuss a phishing technique that tricks users into thinking an image of the attached file can be opened in snapshot mode.
Incident Report: Hijacked Email Account

In this post we discuss how the main aspect of hijacking is using a legitimate user’s email account in order to deliver malware.
Phishing Links are Moving to Email Attachments

In this post we discuss how attackers are putting embedded URLs inside email attachments instead of the email body to evade security filters.