Avanan Blog Attack Briefs

New Attack Leverages Milanote to Host Phishing Content

A big winner over the pandemic has been the use of collaboration apps. That includes Microsoft Teams and Slack and Zoom, but there are countless apps across the web ...

Read more

Spark a Phish: Another Case of Legitimate Services Used for Attacks

Attackers have found a consistent way to bypass SEG filters and get to the inbox. We've written about it a lot lately, in large part because we continue to see tons ...

Read more

Change of Direction: Too Many Redirects Fool Scanners

A common way for attackers to evade security solutions is to include URL redirects in the body of an email. For security solutions to effectively determine if the UR...

Read more

Don't Close: Scamming Closing Notifications with Credential Harvesting

Avanan researchers have uncovered an attack that leverages the notification of closing documents to send a credential harvesting link.

Read more

The Static Expressway: Leveraging Legit Sites to Get to the Inbox

We've been writing a lot lately about hackers are leveraging legitimate services as attack vectors. This trend is not going away, whether it's Google Docs, MailGun, ...

Read more

Do Not Call List: Hackers Impersonating Amazon to Get You to Call

How many Amazon notifications do you get? (If you're like some, it's a lot.) That means it's a perfect opportunity for hackers to try and exploit it to get some info...

Read more

Attackers Take Advantage of New Google Docs Exploit

Avanan analysts have recently discovered an exploit vector in Google Docs that attackers are using to deliver malicious phishing websites to victims.

Read more

Insecure Services: Spoofing Secure Email Notifications

With the increased attention to email security in every organization, users are getting used to receiving documents sent to them over "secure" services. With sensiti...

Read more

Lack of Trust: Pretending to be a Trusted Sender to Steal Credentials

Avanan researchers have discovered an attack that takes over the account of a trusted customer to send phishing emails.

Read more

Hackers Using Microsoft Against Itself

Attackers are using automated methods to generate attack email addresses that end in the onmicrosoft.com domain to try and bypass any email filters that may have onm...

Read more

Return to the Office. Get Welcomed by Phishing Emails

Returning to the office? Many workers around the country and the world are. Hackers are noticing.

Read more

Whole New Ballgame: GameStop's URL Leveraged for Phishing Attacks

On May 17th, Avanan researchers noticed a spike in phishing emails containing links to a particular subdomain of GameStop.com. GameStop is an American gaming company...

Read more

GroupThink: Targeting Group Emails to Bypass Scanners

Over the last three days, we have seen over 800 phishing emails sent to 11 different clients that try and leverage language that is normally used by physical or onli...

Read more

Help Is Not On the Way: Phishing Masquerading as COVID Relief

SEGs that rely on allow or blocklists are playing an ever-increasing catchup game when it comes to catching phishing emails. This phishing campaign shows us the resu...

Read more

Dat's Bad Attack: Hackers Using .dat Files to Bypass SEGs

A .dat file is a generic file that is used in various applications. What's unique about them is that they can only be used by the application that created them. For ...

Read more

1 2 3 4 5
... 8
Read more avanan-cloud-email-security reviews
Get a Demo

Experience the power & simplicity.

Learn More
14-Day Free Trial – Experience the power and simplicity of Avanan Cloud Security.   Start Free Trial