Phishing Campaign Exploits WeTransfer Alerts To Bypass Email Gateways – Digitalmunition

Cyber Attack | Data Breach OneNote Audio Note Phishing Scam Looks For Your Microsoft Credentials

Published on July 29th, 2019 📆 | 6120 Views ⚑


Phishing Campaign Exploits WeTransfer Alerts To Bypass Email Gateways

The innovativeness of hackers seems to have no end. Once again, they have worked out a means to evade security mechanisms to execute their phishing campaigns. This time, the attack exploits WeTransfer alerts to bypass email gateways.

WeTransfer Alerts Phishing Campaign

Researchers from Cofense have spotted another phishing campaign going on in the wild. This campaign exploits WeTransfer alerts to evade security measures.

As explained in their blog post, the scammers abuse the WeTransfer file hosting service to bypass email gateways.

The attack begins with emails reaching the victim’s mailbox made up as a WeTransfer notification for file sharing. The attackers seemingly use compromised email accounts for sending these phishing emails since these emails contain legit URLs to the WeTransfer service.

Source: Cofense

Clicking on these links redirects the victims to WeTransfer file-sharing webpages. These pages contain HTML or HTML files ready for download. Clicking on the files then redirect the user to the actual phishing sites.

Source: Cofense

Like any other phishing scam, this one too, upon reaching the last phase, requires the users to enter their Office 365 account credentials.

Evasion Of Email Gateways

Because of the presence of trusted WeTransfer links, these phishing emails usually succeed in evading most security checks. According to the researchers,

These links will typically bypass gateways as benign emails, unless settings are modified to restrict access to such file sharing sites… These include ProofPoint, Office365 Safe Links, and Symantec.

Owing to this evasion strategy, despite being obvious, this phishing scam is likely to fool some users.

Earlier, the same researchers also highlighted another phishing campaign that tends to bypass security checks. In that case, the researchers evaded all defense measures by using QR codes.

Considering the growing number of such phishing attacks, each with a new strategy, it is imperative for users to “think twice” before clicking on any email they receive.

Stay safe!

The following two tabs change content below.
Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]

Source link

Tagged with:

Leave a Reply ✍