We recently received samples that we suspected were “phishy” in nature, but after analyzing the email attachment a severe threat was exposed. Figure 1.0 Email sample The emails had a ZIP attachment containing an HTML that was designed to look like an invoice signed by DocuSign, which is a well-known
The “Purchase” themed email is a commonly used subject in phishing campaigns. Threat actors can easily scrape the internet, in other words, specific data is very easily gathered and copied from the web. This makes company emails a very easy target, as they are available in their websites, especially the
“We will just use Office365 for our search requests from now on.” As more and more companies move from hosted Exchange to Office365, this has become an increasingly common phrase.
Phishing remains one of the most popular types of corporate attacks in terms of its prevalence, and therefore it is not surprising that attackers are coming up with increasingly sophisticated methods to obtain the victim’s personal data. Signs of an Office 365 Phishing Attack A Warning from Microsoft: The
It’s safe to say that all of our Cyren Inbox Security customers use the native Office 365 security capabilities of Exchange Online Protection and Advanced Threat Protection (now collectively called Microsoft Defender for Office 365). If you follow this blog, you can’t help but notice that CIS and our incident
Every internet user participates in surveys every day: “Do you like our service?” “Are you satisfied with the order?” “Please, fill the form below to make us better for you!” Scammers know these survey forms are mundane, and often filled out reflexively. By using free “form-builder” services, attacks: can be
Macro malware (also known as macro viruses) is a computer virus that is written in the same macro language used in other software, such as Microsoft Excel and Word. Since macro viruses use the same macro language, the attack begins as soon as the document is opened. Macro malware can
A little design in the phishing world What do bright and catchy presentations, laconic documents, and perfect CVs have in common? Everyone can easily create it by using online graphic design platforms without wasting time. Almost everyone already knows about such services and have used at least one time before.
Almost 94% of all malware attacks are delivered via email. These attacks may include ransomware, adware, spyware, and more. Lately we have observed a growing trend of distributing malware through password-protected email attachments. Let’s look at an example of what this kind of malware attack looks like so that you
Anatomy of an Attack: Evasive Zoom phishing campaign using multiple phishing techniques at once In the final days of November, Cyren Inbox Security detected a massive phishing attack with a fake Microsoft 365 login page. Interestingly, they used many techniques to make the attack more evasive. Related: Microsoft reports a
