At The Identity Organisation, we're here to help!

    Or drop us a mail!

    Your privacy is important to us, and we want to communicate with you in a way which has your consent and which is in line with UK Law on data protection. As a result of a change in UK law on 25th May 2018, by providing us with your personal details you consent to us processing your data in line with current GDPR requirements.

    Here is where you can review our Privacy & GDPR Statement

    To remove consent at any time, please e-mail info@tidorg.com with the word "unsubscribe" as the subject.

    +44 (0) 1628 308038 info@tidorg.com

    Phishing Attacks Abuse Content Creation and Collaboration Platforms

    Researchers at Barracuda have observed an increase in phishing attacks that abuse popular content creation and collaboration platforms. These include online graphic design platforms and document-sharing services widely used by educational institutions and businesses.

    “The analysts found that attackers are sending out emails from these platforms, featuring legitimate-looking posts, designs, and documents, but with embedded phishing links,” the researchers write. “If an email recipient interacts with these links, they are often directed to fraudulent login pages or other deceptive sites intent on stealing sensitive information, such as login credentials and personal data.”

    In one instance, attackers used a collaboration tool used by schools to share links to a spoofed Microsoft login page designed to harvest credentials.

    “The analysts found several phishing attacks leveraging an online collaboration tool widely used in educational settings,” the researchers write. “The platform allows students to create and share virtual boards or ‘walls’ where they can post and organize several types of content. Cybercriminals are leveraging the platform’s post walls to send emails with embedded phishing links or URLs. In one example seen by the analysts, the platform is used to host voicemail phishing links. Once the user clicks the button to play the voicemail, it takes them to another link, which redirects them to a fake Microsoft login page designed to capture and steal their login credentials.”

    The researchers emphasize that students and employees need to be aware that legitimate tools can be abused to spread malicious links.

    “It is vital that for individuals and organizations, including educational institutions, remain vigilant and implement robust security measures that can detect and adapt to evolving threats,” Barracuda concludes. “For example, individuals need to be wary of clicking on links in unsolicited emails, or in message from people they don’t know. Other potential red flags include suspicious calls to action, and unexpected or illogical landing sites from links they receive, such as a service that isn’t provided by Microsoft asking for Microsoft logins.”

    KnowBe4 empowers your workforce to make smarter security decisions every day. Over 70,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.

    Barracuda has the story.

    Free Phishing Security Test

    Would your users fall for convincing phishing attacks? Take the first step now and find out before bad actors do. Plus, see how you stack up against your peers with phishing Industry Benchmarks. The Phish-prone percentage is usually higher than you expect and is great ammo to get budget.

    Here’s how it works:

    • Immediately start your test for up to 100 users (no need to talk to anyone)
    • Select from 20+ languages and customize the phishing test template based on your environment
    • Choose the landing page your users see after they click
    • Show users which red flags they missed, or a 404 page
    • Get a PDF emailed to you in 24 hours with your Phish-prone % and charts to share with management
    • See how your organization compares to others in your industry

    Go Phishing Now!

    PS: Don’t like to click on redirected buttons? Cut & Paste this link in your browser: https://info.knowbe4.com/phishing-security-test-partner?partnerid=001a000001lWEoJAAW

    Sign Up to the TIO Intel Alerts!

    Back To Top