Avanan Blog Attack Briefs


WHO Are You? Hackers Spoof World Health Organization

As governments around the world have paid out relief checks during the COVID-19 crisis, it might seem reasonable to receive some form of email communication from gov...

Read more

As Vaccine Mandates Spread, So Too Do Vaccine Scams

As long as COVID-19 vaccines have been readily available, there have been scammers looking to profit from it. According to Check Point Research, the following have b...

Read more

How Impersonation Attacks Fool Users

October is National Cybersecurity Awareness Month. Each week has a theme. This week's theme? Fight the Phish. This blog shows a typical impersonation attack and how ...

Read more

Shortened LinkedIn URL Used for Phishing

When you share a link on LinkedIn, and the URL is over 26 characters, LinkedIn will automatically shorten it, as per its policy. You may have seen it while perusing ...

Read more

Bad Sender: The Importance of Sender Reputation

An easy way to determine if an email is suspicious is by looking at sender reputation. It’s no wonder, then, as we found in our 1H Cyber Attack Report, that 84.3% of...

Read more

Allow Phishing: The Problem with Allow Lists

An Allow List is a simple concept. Essentially, it's a list of addresses or domains that you've deemed safe, and thus emails from those addresses or domains shouldn'...

Read more

At The Beep: Why Voicemail Related Attacks Can Be Confusing

Oftentimes, you'll receive an email that says to call a number. It can be for anything—refunds, ask questions, etc.

Read more

Simple, Yet Effective: How BECs Catch Users Off Guard

Have you ever seen an email like this come across your inbox?

Read more

Quantum Computation: Can Phishing Gain?

A post in occasional series about the ins and outs of data science, by senior AI researcher Natan Katz. Read the first article here. 

Read more

New Attack Spoofs Vaccine Passes to Steal Credentials

Many countries and cities around the world are instituting a so-called COVID pass. The idea is that an app will show a person’s vaccination status or proof of negati...

Read more

No Display: New Obfuscation Tactic Emerges

Hackers have a long history of trying to obfuscate their true intent. We've written about this extensively, whether it's MetaMorph, SiteCloak, ZeroFont, baseStriker ...

Read more

New Attack Sends Phishing Via DocuSign

Avanan researchers have discovered a new attack, whereby hackers can use DocuSign to send malicious documents and phishing links

Read more

New Scam Targets Auto Accidents

Avanan researchers have uncovered an attack that spoofs an automobile accident report. Here's what it looks like:

Read more

Phishing and Artificial Intelligence: Aren't We Merely a Sentiment?

A post in occasional series about the ins and outs of data science, by senior AI researcher Natan Katz.

Read more

New Attack Leverages Milanote to Host Phishing Content

A big winner over the pandemic has been the use of collaboration apps. That includes Microsoft Teams and Slack and Zoom, but there are countless apps across the web ...

Read more

Spark a Phish: Another Case of Legitimate Services Used for Attacks

Attackers have found a consistent way to bypass SEG filters and get to the inbox. We've written about it a lot lately, in large part because we continue to see tons ...

Read more

Change of Direction: Too Many Redirects Fool Scanners

A common way for attackers to evade security solutions is to include URL redirects in the body of an email. For security solutions to effectively determine if the UR...

Read more

Don't Close: Scamming Closing Notifications with Credential Harvesting

Avanan researchers have uncovered an attack that leverages the notification of closing documents to send a credential harvesting link.

Read more

The Static Expressway: Leveraging Legit Sites to Get to the Inbox

We've been writing a lot lately about hackers are leveraging legitimate services as attack vectors. This trend is not going away, whether it's Google Docs, MailGun, ...

Read more

1 2 3 4 5
14-Day Free Trial – Experience the power and simplicity of Avanan Cloud Security.   Start Free Trial