Avanan Blog Attack Briefs (2)


Abusing Microsoft Customer Voice to Send Phishing Links

Dynamics 365 Customer Voice is a Microsoft product that is used primarily to gain feedback from customers. 

Read more

How Black Basta Ransomware Group Starts Their Attack

A new group, Black Basta, is making head waves in the ransomware game. Since May 2022, according to Check Point Research, there have been at least 89 high-profile or...

Read more

Sending Trojans via Scanners

Scanners may seem like a relic of the old days–and certainly of the days of working consistently from an office.

Read more

DHL Takes the Brand Phishing Crown

In an award no one wants to win, DHL is now the most impersonated brand in phishing attacks.

Read more

Hijacking Student Accounts to Launch BEC-Style Attacks

Business Email Compromise (BEC) attacks are some of the most popular and devastating attacks out there. They work, broadly, by sending an email from a spoofed or leg...

Read more

Video: The Google Translate Attack

Earlier today, we published an attack brief on how scammers are leveraging the name of Google Translate to get into the inbox. It's a social engineering scam that la...

Read more

Spoofing Google Translate to Steal Credentials

Popular sites convey legitimacy to the end user. A user is more likely to click on something that looks like Google than something they’ve never seen before.

Read more

Continuing to Leverage Facebook Ads to Send Credential Harvesting Links

A few weeks ago, we wrote about how threat actors are using the Facebook Ad Manager to send credential harvesting links.

Read more

The Auto Delete Attack

A successful credential harvesting scam can have devastating consequences.

Read more

The Dangerous Savanna Campaign is Making Waves

Check Point Research has uncovered a two-year-long campaign that is still going and making waves. The campaign starts by using spear-phishing and then sends maliciou...

Read more

Leveraging Facebook Ads to Send Credential Harvesting Links

Eight million businesses advertise their products on Facebook. 

Read more

New Phishing Campaign Spoofs Avanan

Spoofing brands is a common form of phishing.

Read more

The Piano Giveaway Scam

Everybody loves a giveaway.

Read more

MFA, Man in the Middle and You

Microsoft has reported on a new man-in-the-middle phishing campaign, which targeted over 10,000 organizations in the last year. 

Read more

CFO Spoofed in Convincing Business Email Compromise Scam

If you get an email from your CFO requesting urgent action, what do you do?

Read more

The Static Expressway Hits Healthcare

We have written ad nauseam about something we call The Static Expressway. This refers to the idea of hackers using legitimate web pages to host or send phishing cont...

Read more

Hackers Build Phishing Pages Using AWS Apps

Amazon Web Services (AWS) is one of the most popular cloud storage and hosting solutions. From major companies hosting their work on the service, to individuals usin...

Read more

Best Buy Spoof Uses Google Storage to Launch Phishing Attack

Hackers spoof brands all the time. They are usually popular brands, such as Microsoft or Apple.

Read more

Hackers Host Phishing Pages on Lucidchart

Lucidchart is a popular site used to collaborate on drawings, charts, diagrams and more.

Read more

Mirroring Actual Landing Pages for Convincing Credential Harvesting

The hacker has two tasks: Get into the inbox. And get the user to hand over the desired information. Hackers spend tons of time thinking of creative ways to do both....

Read more

14-Day Free Trial – Experience the power and simplicity of Avanan Cloud Security.   Start Free Trial