Top Email Protections Fail in Latest COVID-19 Phishing Campaign





An effective spoofing campaign promises users important information about new coronavirus cases in their local area, scooting past Proofpoint and Microsoft Office 356 ATPs.
Threat actors continue to capitalize on fears surrounding the spread of the COVID-19 virus through a surge in new phishing campaigns that use spoofing tactics to effectively evade Proofpoint and Microsoft Office 365 advanced threat protections (ATPs), researchers have found.
The Cofense Phishing Defense Center (PDC) discovered new phishing attacks that use socially engineered emails promising access to important information about cases of COVID-19 in the receiver’s local area, according to a blog post published Tuesday by Cofense researcher Kian Mahdavi.
The emails evade basic security checks and user common sense in a number of ways, to circumvent detection and steal the user’s Microsoft log-in credentials, he said. They also don’t include specific names or greetings in the body of the messages, suggesting they are being sent out to a broad target audience, according to Cofense.
To read the entire article please click on the Source link above.
-Warden Anastasia Luccio, Captain
Categories
- 5.5K All Categories
- 2.7K Ask about Connected Technology
- How To...
- 1K Devices & Security
- 1.5K Network Troubleshooting & Connectivity
- 111 General Discussion, Weird & Wonderful
- 41 Network Infrastructure
- 5.1K Ask about Fing
- 519 Fing Account Change Request
- 1.1K Fing Desktop
- 1.3K Fing App
- 1.6K Fingbox
- 478 Announcements, Beta Testing & Release Notes
- 153 Community Updates
- 24 Getting started
- 12 Community User Guides