In the realm of Business Email Compromise (BEC) attacks, cybercriminals are finding new ways to utilize popular, trusted platforms to launch their malicious activities as the use of legitimate services to propagate attacks is the new norm. Today, Avanan, a Check Point Software Company, have released an attack brief that brings to light a new wave of BEC attacks.
The report elucidates how hackers are creating malicious landing pages in Squarespace, a reputable website building and hosting company, to bypass security checks like VirusTotal.
The emails associated with these attacks are seemingly innocuous, originating from legitimate domains and containing no alarming text. However, the actions that follow the email click-through are malicious. This highlights the importance of good browser security in complementing email security, as the malicious payload is often nested a few layers past the email.
In light of this new BEC variant, it’s essential for security professionals to implement security measures that scrutinize all URLs and emulate the pages behind them, along with educating users on these new threats.
The detailed attack brief is available at: https://www.avanan.com/blog/bec-3.0-creating-malicious-content-hosted-on-squarespace.
Related
This entry was posted on May 11, 2023 at 9:23 am and is filed under Commentary with tags Avanan. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
New Era of BEC 3.0 Phishing Attacks: Creating Malicious Content Hidden and Hosted on Squarespace
In the realm of Business Email Compromise (BEC) attacks, cybercriminals are finding new ways to utilize popular, trusted platforms to launch their malicious activities as the use of legitimate services to propagate attacks is the new norm. Today, Avanan, a Check Point Software Company, have released an attack brief that brings to light a new wave of BEC attacks.
The report elucidates how hackers are creating malicious landing pages in Squarespace, a reputable website building and hosting company, to bypass security checks like VirusTotal.
The emails associated with these attacks are seemingly innocuous, originating from legitimate domains and containing no alarming text. However, the actions that follow the email click-through are malicious. This highlights the importance of good browser security in complementing email security, as the malicious payload is often nested a few layers past the email.
In light of this new BEC variant, it’s essential for security professionals to implement security measures that scrutinize all URLs and emulate the pages behind them, along with educating users on these new threats.
The detailed attack brief is available at: https://www.avanan.com/blog/bec-3.0-creating-malicious-content-hosted-on-squarespace.
Share this:
Like this:
Related
This entry was posted on May 11, 2023 at 9:23 am and is filed under Commentary with tags Avanan. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.