Researchers have discovered a new phishing campaign designed to spread ransomware and steal data by capitalizing on interest in the recent Colonial Pipeline outage. Security vendor Inky spotted the malicious emails, which said several Microsoft 365 customers were targeted.
The recent ransomware attack on Colonial Pipeline inspired a threat actor to create a new phishing lure to trick victims into downloading malicious files. The emails are targeted and tailored as urgent notifications to download and install a system update that would defend against the latest ransomware strains.
The emails ask employees to download a “ransomware update” that is actually malware. Cyberattackers are now using the notoriety of the Colonial Pipeline ransomware attack to leverage further phishing attacks, according to the findings of a cybersecurity company. It is common for attackers to use widely-covered news events to get people to click on malicious emails and links, and cybersecurity firm INKY said it recently received multiple helpdesk emails about curious emails their customers were receiving.
The move to home working provided new opportunities for phisherfolk, but as many people start to return to their offices the attackers are pivoting to exploit that too. A new report from email phishing protection specialist INKY shows attacks are capitalizing on vulnerability and the desire for accurate information about returning to the office in-person.
INKY processed 656,954,951 emails in 2020. From this data, they ranked the top 25 most-phished brands during 2020. In round numbers, that’s two-thirds of a billion. Within this pool, Inky found 4,874,096 phishing campaigns. Of those phishing campaigns, 591,293 of them were brand impersonations. Out of the brand-impersonation group, INKY found 40,903 unique campaigns.
The cybercriminal interest in hijacking university email domains is one of cybersecurity’s worst kept secrets and yet it’s become a problem that only seems to generate more bad news.
Source: www.healthitsecurity.com A new phishing campaign has been spotted in the wild using hidden text, or what’s known as zero font, to bypass email security controls and deliver malicious emails to the user, according to a recent report from Inky Technology.
Video conferencing tech has been a lifeline for businesses, helping them sustain operations and communications amid the surreal events of 2020. But this sudden reliance was a vulnerability that some were ready to exploit.
Inky has reported a new phishing attack designed to confuse Secure Email Gateways (SEG). The attack is using hidden text to stop the SEG rejecting the email as fraudulent. It is also taking advantage of the Unicode Soft Hyphen feature to hide the displayed text from the SEG engine. The result is that the email is delivered to the user, looks like a legitimate email and is likely to be successful at harvesting user credentials.
Anti-Phishing Software
INKY uses machine learning and computer vision to identify and block zero-day phishing emails that get through legacy email systems.
Learn more
Mobile Phishing Protection
Mobile phishing protection that works wherever your employees are. Protect your business, anywhere employees are checking email.
Learn more
Outbound Mail Protection
INKY delivers modern data loss prevention by detecting and alerting you to high-risk emails before they get out the door.
Learn more
Internal Mail Protection
INKY Internal Mail Protection, an add-on to INKY Phish Fence, protects an organization’s internal email traffic.
Learn more
