Avanan Blog Attack Briefs (5)


How Outlook Unwittingly Helps Hackers

Microsoft Outlook is built for productivity. That means they offer helpful tools designed to supercharge and streamline daily work.

Read more

The Email to Eml Attack Rises Again

One of the most pernicious computer viruses in history was called Nimda. Though it propagated in many ways, it specialized in spreading via an email attachment.

Read more

New Credential Harvesting Scam Spoofs Microsoft

The majority of all phishing attacks are of the credential harvesting variety. 

Read more

The SLINKIFY Attack: Malformed Links Expose Vulnerability in ATP and Proofpoint

Avanan researchers have uncovered vulnerabilities in both Microsoft ATP and Proofpoint. In this vulnerability, links in the email body can pass scanners uninspected,...

Read more

Missed Delivery: New Phish Spoofs DHL

Did you go wild spending on Black Friday? In anticipation of a shipping crunch, did you seek further afield sellers to find what your friends and family are looking ...

Read more

This USPS Spoof Shows Us That Phishmas is Upon Us

The holidays are approaching, and there appears to be a shipping crunch. Due to supply chain concerns, many are worried that they won’t get their holiday gifts in ti...

Read more

Do You Have a Minute? How a Simple Question Can Lead to Major Damage

Business Email Compromise attacks have exploded in popularity. Gartner has found that BECs increased by nearly 100% in 2019 and through 2023, they predict that BEC a...

Read more

The OneFont Attack: Manipulation and Obfuscation

In 2018, Avanan researchers discovered the ZeroFont phishing technique, whereby hackers insert hidden words, all with a font size of zero, that is invisible to the r...

Read more

New Attack Spoofs Amazon to Obtain Payment From End-User

As holiday shopping begins earlier this year due to supply chain issues, many are beginning to stock up, especially from Amazon. For hackers, it’s an opportunity to ...

Read more

Send Info. Hope for Money. Get Phished Instead.

Last week, we wrote about a scam that spoofs the World Health Organization (WHO) in the hopes of grabbing personal information.

Read more

The BCC Attack

A simple, but effective, way to bypass traditional scanners is by adding the recipient as a BCC.

Read more

WHO Are You? Hackers Spoof World Health Organization

As governments around the world have paid out relief checks during the COVID-19 crisis, it might seem reasonable to receive some form of email communication from gov...

Read more

As Vaccine Mandates Spread, So Too Do Vaccine Scams

As long as COVID-19 vaccines have been readily available, there have been scammers looking to profit from it. According to Check Point Research, the following have b...

Read more

How Impersonation Attacks Fool Users

October is National Cybersecurity Awareness Month. Each week has a theme. This week's theme? Fight the Phish. This blog shows a typical impersonation attack and how ...

Read more

Shortened LinkedIn URL Used for Phishing

When you share a link on LinkedIn, and the URL is over 26 characters, LinkedIn will automatically shorten it, as per its policy. You may have seen it while perusing ...

Read more

Bad Sender: The Importance of Sender Reputation

An easy way to determine if an email is suspicious is by looking at sender reputation. It’s no wonder, then, as we found in our 1H Cyber Attack Report, that 84.3% of...

Read more

Allow Phishing: The Problem with Allow Lists

An Allow List is a simple concept. Essentially, it's a list of addresses or domains that you've deemed safe, and thus emails from those addresses or domains shouldn'...

Read more

At The Beep: Why Voicemail Related Attacks Can Be Confusing

Oftentimes, you'll receive an email that says to call a number. It can be for anything—refunds, ask questions, etc.

Read more

Simple, Yet Effective: How BECs Catch Users Off Guard

Have you ever seen an email like this come across your inbox?

Read more

Quantum Computation: Can Phishing Gain?

A post in occasional series about the ins and outs of data science, by senior AI researcher Natan Katz. Read the first article here. 

Read more

14-Day Free Trial – Experience the power and simplicity of Avanan Cloud Security.   Start Free Trial