Avanan Blog Attack Briefs


Shortened LinkedIn URL Used for Phishing

When you share a link on LinkedIn, and the URL is over 26 characters, LinkedIn will automatically shorten it, as per its policy. You may have seen it while perusing ...

Read more

Bad Sender: The Importance of Sender Reputation

An easy way to determine if an email is suspicious is by looking at sender reputation. It’s no wonder, then, as we found in our 1H Cyber Attack Report, that 84.3% of...

Read more

Allow Phishing: The Problem with Allow Lists

An Allow List is a simple concept. Essentially, it's a list of addresses or domains that you've deemed safe, and thus emails from those addresses or domains shouldn'...

Read more

At The Beep: Why Voicemail Related Attacks Can Be Confusing

Oftentimes, you'll receive an email that says to call a number. It can be for anything—refunds, ask questions, etc.

Read more

Simple, Yet Effective: How BECs Catch Users Off Guard

Have you ever seen an email like this come across your inbox?

Read more

Quantum Computation: Can Phishing Gain?

A post in occasional series about the ins and outs of data science, by senior AI researcher Natan Katz. Read the first article here. 

Read more

New Attack Spoofs Vaccine Passes to Steal Credentials

Many countries and cities around the world are instituting a so-called COVID pass. The idea is that an app will show a person’s vaccination status or proof of negati...

Read more

No Display: New Obfuscation Tactic Emerges

Hackers have a long history of trying to obfuscate their true intent. We've written about this extensively, whether it's MetaMorph, SiteCloak, ZeroFont, baseStriker ...

Read more

New Attack Sends Phishing Via DocuSign

Avanan researchers have discovered a new attack, whereby hackers can use DocuSign to send malicious documents and phishing links

Read more

New Scam Targets Auto Accidents

Avanan researchers have uncovered an attack that spoofs an automobile accident report. Here's what it looks like:

Read more

Phishing and Artificial Intelligence: Aren't We Merely a Sentiment?

A post in occasional series about the ins and outs of data science, by senior AI researcher Natan Katz.

Read more

New Attack Leverages Milanote to Host Phishing Content

A big winner over the pandemic has been the use of collaboration apps. That includes Microsoft Teams and Slack and Zoom, but there are countless apps across the web ...

Read more

Spark a Phish: Another Case of Legitimate Services Used for Attacks

Attackers have found a consistent way to bypass SEG filters and get to the inbox. We've written about it a lot lately, in large part because we continue to see tons ...

Read more

Change of Direction: Too Many Redirects Fool Scanners

A common way for attackers to evade security solutions is to include URL redirects in the body of an email. For security solutions to effectively determine if the UR...

Read more

1 2 3 4 5
14-Day Free Trial – Experience the power and simplicity of Avanan Cloud Security.   Start Free Trial