Avanan Blog Attack Briefs (27)


Cybercriminals Use Microsoft Sway Scams to Phish Office 365 Security and Your Well-Trained Users

Have you heard of Microsoft Sway? If you haven’t, there’s a good chance your users don’t know about it either. That’s why this content creation service is used in ph...

Read more

QR-Code-Attack-Featured

QReep: Sextortion campaign uses QR codes to link to bitcoin wallets instead of URLs

Avanan has uncovered a new sextortion attack that uses QR codes instead of URLs to avoid bitcoin wallet detection. To drive the attack, hackers claim they have foota...

Read more

Metamorph-Featured-Image

Update — HTML Attachment Attack on Office 365

This summer, we reported that hackers were bypassing Office 365 EOP and ATP with an ingeniously simple attack that uses HTML attachments in email to launch phishing ...

Read more

5-Things-Everyone-Should-Know-About-the-2016-DNC-Email-Breach

5 Things Security Professionals Should Know About the DNC Email Breach

As we enter the 2020 election season, we are once again discussing the possibility of foreign intervention, which puts the 2016 hack of the Democratic National Commi...

Read more

featured-image-reploy

Re:Ploy Email Chain Hijack Attack

Let’s say your organization has the best security. Your employees are trained to never fall victim to phishing. You have SSO and it’s very hard to take over your acc...

Read more

salespharce-featured-image

Salesforce Attack: Hackers Use Phishing Email Invoices to Scam Users

What’s more dangerous than hackers running amok in your corporate email? How about if they had global access to your salesforce.com account? Salesforce.com [$CRM] is...

Read more

Metamorph-Featured-Image

MetaMorph HTML Obfuscation Phishing Attack

In yet another example of a phishing campaign impersonating Microsoft’s voicemail notification, we see an HTML attachment that leads to a credential-harvesting URL. ...

Read more

Validator-Featured-Image

Office 365 Credential Validator Phishing Attack

Hackers are using Microsoft Azure Blob Storage to specifically attack Office 365 admins to take over the Office 365 environment. Although windows.net phishing attack...

Read more

Watch-Out-for-HTML-Attachments-the-Latest-Phishing-Trend-Targeting-Office-365-Featured

HTML Attachments: The Latest Phishing Trend Targeting Office 365

The average person interacts with HTML every day while surfing the internet. Unless they are a UX developer or designer, however, they probably shouldn’t expect to r...

Read more

Root-Domain-Hack-Impacts-70-of-Email-Gateway-Customers-Featured

Root Domain Hack Impacts 70% of Email Gateway Customers

Hackers are bypassing email security gateways and sending phishing emails directly to Google and Office 365 root domains. If you’re using a gateway, and your mail fl...

Read more

14-Day Free Trial – Experience the power and simplicity of Avanan Cloud Security.   Start Free Trial