At The Identity Organisation, we're here to help!

    Or drop us a mail!

    Your privacy is important to us, and we want to communicate with you in a way which has your consent and which is in line with UK Law on data protection. As a result of a change in UK law on 25th May 2018, by providing us with your personal details you consent to us processing your data in line with current GDPR requirements.

    Here is where you can review our Privacy & GDPR Statement

    To remove consent at any time, please e-mail info@tidorg.com with the word "unsubscribe" as the subject.

    +44 (0) 1628 308038 info@tidorg.com

    75K email inboxes hit in new credential phishing campaign

    Phishing

    Some 75,000 email inboxes have been impacted so far in what appears to be an email phishing campaign motivated by credential harvesting. Many of the attacks involved the threat actors targeting small groups of employees from different departments within an organisation in an apparent attempt to keep a low profile.

    Security researchers from Armorblox report observing the attack on customer systems across Office 365, Microsoft Exchange, and Google Workspace environments. The attack involved the use of a lure that spoofed an encrypted message notification from email encryption and security vendor Zix and used a domain that belonged to a religious organisation established in 1994 and is likely a deprecated or old version of the organisation’s parent domain.

    Abhishek Iyer, director of product marketing at Armorblox, says there’s little evidence the attackers are going after any specific industry. So far, the attacks have affected Armorblox customers across multiple verticals, including energy, local government, higher education, software, and electrical construction. Iyer says the attacks on individuals within organisations appear targeted. The victims represent a mix of senior leadership and regular employees from across the enterprise.

    “If we were to pinpoint any one reason for the email slipping past existing security controls, it would be using a legitimate domain to send the email,” Iyer notes. “This allowed the email to bypass all authentication checks.”

    Phishing remains one of the most employed tactics among threat actors to gain an initial foothold on a target network. Though phishing is perhaps one of the best understood initial attack vectors, organizations have had a hard time addressing the threat because of the continued susceptibility of individual users to phishing emails.

    In many instances, attackers have also gotten a lot more sophisticated in crafting phishing lures and have increasingly begun combining email phishing with SMS-based phishing (smshing) and voice or phone-based phishing (vishing). According to the Anti Phishing Working Group (APWG), phishing activity doubled in 2020 and has remained at a steady but high level through the first half of this year. APWG says it observed 222,127 phishing attacks in June 2021 alone, making it the third-worst month in the organization’s reporting history. Financial institutions and social media sectors were the most frequently targeted during the last quarter.

    New-school security awareness training can give your employees a healthy sense of suspicion so they can avoid falling for these types of attacks.

    With thanks to the Cyber Defence Alliance and Dark reading. The full story is here: https://www.darkreading.com/attacks-breaches/75k-email-inboxes-impacted-in-new-credential-phishing-campaign

    Free Ransomware Simulator Tool

    Threat actors are constantly coming out with new strains to evade detection. Is your network effective in blocking all of them when employees fall for social engineering attacks?

    KnowBe4’s “RanSim” gives you a quick look at the effectiveness of your existing network protection. RanSim will simulate 22 ransomware infection scenarios and 1 cryptomining infection scenario and show you if a workstation is vulnerable.

    RansIm-Monitor3

    Here’s how it works:

    • 100% harmless simulation of real ransomware and cryptomining infections
    • Does not use any of your own files
    • Tests 21 types of infection scenarios
    • Just download the install and run it 
    • Results in a few minutes!
    Get RanSim!

    PS: Don’t like to click on redirected buttons? Cut & Paste this link in your browser: https://info.knowbe4.com/ransomware-simulator-tool-partner?partnerid=001a000001lWEoJAAW

    Sign Up to the TIO Intel Alerts!

    Back To Top