Avanan Blog Attack Briefs


The Auto Delete Attack

A successful credential harvesting scam can have devastating consequences.

Read more

The Dangerous Savanna Campaign is Making Waves

Check Point Research has uncovered a two-year-long campaign that is still going and making waves. The campaign starts by using spear-phishing and then sends maliciou...

Read more

Leveraging Facebook Ads to Send Credential Harvesting Links

Eight million businesses advertise their products on Facebook. 

Read more

New Phishing Campaign Spoofs Avanan

Spoofing brands is a common form of phishing.

Read more

The Piano Giveaway Scam

Everybody loves a giveaway.

Read more

MFA, Man in the Middle and You

Microsoft has reported on a new man-in-the-middle phishing campaign, which targeted over 10,000 organizations in the last year. 

Read more

CFO Spoofed in Convincing Business Email Compromise Scam

If you get an email from your CFO requesting urgent action, what do you do?

Read more

The Static Expressway Hits Healthcare

We have written ad nauseam about something we call The Static Expressway. This refers to the idea of hackers using legitimate web pages to host or send phishing cont...

Read more

Hackers Build Phishing Pages Using AWS Apps

Amazon Web Services (AWS) is one of the most popular cloud storage and hosting solutions. From major companies hosting their work on the service, to individuals usin...

Read more

Best Buy Spoof Uses Google Storage to Launch Phishing Attack

Hackers spoof brands all the time. They are usually popular brands, such as Microsoft or Apple.

Read more

Hackers Host Phishing Pages on Lucidchart

Lucidchart is a popular site used to collaborate on drawings, charts, diagrams and more.

Read more

Mirroring Actual Landing Pages for Convincing Credential Harvesting

The hacker has two tasks: Get into the inbox. And get the user to hand over the desired information. Hackers spend tons of time thinking of creative ways to do both....

Read more

Sending Phishing Emails From PayPal

In June, we wrote about how hackers were sending phishing emails directly from QuickBooks.

Read more

With Prime Day Around the Corner, Be on the Lookout for These Amazon Scams

It’s practically a holiday at this point: Amazon Prime Day. Two days of ridiculous deals and savings.

Read more

The Classic O365 Credential Attack

Credential harvesting remains the most popular form of phishing.

Read more

Sending Phishing Emails from QuickBooks

Hackers continually impersonate trusted brands to get into the inbox. By leveraging the legitimacy of a trusted domain, security solutions are more likely to view th...

Read more

New Attack Spoofs PayPal to Obtain Payment from End-User

In November, we wrote about an attack that spoofed Amazon. The attack worked by using legitimate Amazon links, forcing the end-user to make a phone call instead to c...

Read more

Fake Business Proposal Contains Macro-Infected Excel Spreadsheet

Financial scams are the name of the game. After all, hackers are after your money first and foremost. 

Read more

Following the Phishing Path

As security professionals, you never want end-users to click on a phishing link. But following the path of what would've happened if they did can be instructive.

Read more

The Reverse Text Attack

When attackers are crafting malicious messages, they have two opposing goals.

Read more

1 2 3 4 5
14-Day Free Trial – Experience the power and simplicity of Avanan Cloud Security.   Start Free Trial