Phish Files 1108
Posted by
Jeremy Fuchs on Dec 3, 2021 11:45:00 AM
Week of 11/1—11/5
This is the Weekly Digest of our latest blog posts, white papers, case studies, attack briefs, and more. Each Monday, we'll send you our updates from the previous week.
Want to sign up to receive these each week? Click here.
In this explanatory blog, we discuss some of the top email security threats out there today. We dive into the effects the pandemic had on the world of security; why it's more essential than ever to install email security; and the different types of threats, including Business Email Compromise and malware. The article also delves into some of the best practices to ensure your email stays protected.
This is another explanatory blog that discusses account takeover. This blog explains the phenomenon of account takeover; why it can be dangerous for enterprises; and some of the best practices to prevent it.
In this attack brief, we describe a multi-step scam that spoofs Amazon. The attack has two goals: obtain payment info, and then obtain phone numbers to continue attacks later on, a phenomenon we're calling phone number harvesting. The attack starts by spoofing an Amazon order notification. All the links are legit, pointing to the actual Amazon site. The only recourse someone has is to call the number listed in the email. This is not an Amazon number. When someone calls the number, no one answers. A few hours later, the call is returned and the scammers ask for a credit card number and CVV to cancel the transaction. What's particularly interesting about this attack is that it doesn't stop after the credit card info is obtained. Because they now have a phone number, they can begin to do text-based or voicemail-based scams whenever they want.
Defense-in-depth is a critical tenet of security. However, as this blog explains, sometimes the legacy approach doesn't adhere to that. When you purchase a SEG, you end up getting two systems, instead of layered security. With your O365 license, you get features like archiving, secure messaging and more. You get that with your SEG, too. But instead of layering security so that there are fail-safes, you're just getting more of the same.
In this blog, we follow a Reddit thread that details users' frustrations with ATP's filtering. In particular, when the policy is to send spam detections to quarantine, they instead get filtered as spam and sent to the Junk folder. This happens due to misconfiguration. If everything is not aligned perfectly, issues like this can happen easily.