Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

From April to September 2024, Netskope Threat Labs tracked a 10-fold increase in traffic to phishing pages crafted through Webflow. The campaigns target sensitive information from different crypto wallets, including Coinbase, MetaMask, Phantom, Trezor, and Bitbuy, as well as login credentials for multiple company webmail platforms, as well as Microsoft365 login credentials.

Threat actors spread malware via callback phishing, Mandiant analyzes time-to-exploit trends, and PureLogs targets the Chrome browser.

Researchers at Trustwave observed a 140% increase in callback phishing attacks between July and September 2024. Callback phishing is a social engineering tactic that involves emails and phone calls to trick users into handing over login credentials or other sensitive data or installing malware. The attacks begin with a phishing email that appears to be a notification for something that needs to be addressed urgently, such as an order invoice or an account termination notice.

Sixty-four percent of IT leaders have clicked on phishing links, a new survey by Arctic Wolf has found. Despite this, 80% of these same professionals are confident their organization won’t fall victim to a phishing attack. The survey found that 34% of organizations send simulated phishing emails to their employees at least once every two weeks, but only 15% of end users are aware of them. Likewise, the IT and security leaders surveyed said 83% of their employees fall for the phishing simulations.

Previously, Trustwave SpiderLabs covered a massive fake order spam scheme that impersonated a tech support company and propagated via Google Groups. Since then, we have observed more spam campaigns using this hybrid form of cyberattack with varying tactics, techniques, and procedures (TTP). Between July and September, we witnessed a 140% increase in these spam campaigns. In this blog, we will showcase the different spam techniques used in these phishing emails.

This is a burning issue that must be considered by all organizations striving to decrease their cybersecurity vulnerabilities. Keep reading to get familiar with the risks of GenAI utilized for email attacks and how advanced implementations can counterpose malicious activities.

Microsoft warns that threat actors are abusing legitimate file-hosting services to launch phishing attacks. These attacks are more likely to bypass security filters and appear more convincing to employees who frequently use these services. “Legitimate hosting services, such as SharePoint, OneDrive, and Dropbox, are widely used by organizations for storing, sharing, and collaborating on files,” Microsoft says.

This malicious tactic enables cybercriminals to sneak into an organization’s email network or other systems without the payloads typically associated with harmful software. The payloadless method leverages harder-to-detect malware delivery techniques and psychological manipulation to execute attacks. It reflects the ingenuity of threat actors and emphasizes the need for organizations to never stop revamping their security strategies.

New research shows that less malicious emails are getting past security scanners to the inbox, but also provides details about how phishing emails are becoming increasingly dangerous. So much of our training is centered around elevating the employee’s state of cyber awareness so that when they do come across that sketchy email or that too good to be true web page, they know better. But it’s only one part of a larger cybersecurity effort within an organization.