The IT Nerd

 INKY, the leader in modern email security for Managed Service Providers, announced today the integration of groundbreaking Generative AI capabilities into its platform, redefining the standards of email security. INKY GenAI is now available to analyze emails in real-time for all eligible customers, at no additional cost.

Building on its legacy of innovation, INKY’s Generative AI marks a major leap forward, akin to its groundbreaking deployment of Computer Vision in late 2018. Now in its sixth generation, INKY Computer Vision recognizes hundreds of brands with human-level accuracy, and its Generative AI sets a new standard for language understanding and email threat detection.

Key Benefits of INKY Generative AI:

1. Human-Level Language Understanding: INKY’s Generative AI processes email content much like advanced chatbots, interpreting meaning and intent regardless of phrasing. This enables superior detection of zero-day attacks, thwarting even the most cleverly worded attempts to evade pattern-based detection systems.
2. Explainable Results: The INKY Dashboard highlights specific sections of an email that contribute to its assessment, giving administrators actionable insights and confidence in the AI’s decision-making process.
3. Integrated Obfuscation Countermeasures: Combining Generative AI with INKY’s existing countermeasures for cloaked text (e.g., zero font, Unicode, and homograph techniques), the platform transforms obfuscated email content into clean text for precise analysis.
4. Broad System Integration: Generative AI is infused into all aspects of INKY’s platform, including the analysis of website content linked in emails and third-party cloud services.
5. Enhanced Graymail Detection: INKY’s popular graymail filter is now even more accurate and effective, providing greater productivity and inbox organization for users.
6. Privacy-First Approach: INKY’s Generative AI operates entirely within the company’s infrastructure, ensuring that no company data or personally identifiable information (PII) is exposed to third parties.

INKY’s Generative AI technology fundamentally changes the email security landscape. By applying advanced AI capabilities, INKY provides comprehensive protection against threats while delivering practical tools to enhance user confidence. Administrators can see the system’s value immediately by examining real-world detections, which demonstrate INKY’s ability to truly “read” and interpret emails with unmatched depth.

For more information on INKY’s Generative AI capabilities and how they provide transformative language understanding and detection capabilities for email security, visit INKY GenAI.

INKY has just published a new Fresh Phish talking about credential harvesting using controversial telegram bots.

Just as the popular messaging app Telegram makes the news for allowing criminal activity on its platform, a new credential harvesting phishing scheme surfaces. This Fresh Phish goes into the weeds to explore this new attack surface.  

You can read all about it here.

INKY has published a Fresh Phish. In short, INKY has discovered an increase in obfuscation techniques that utilize malicious cross-site scripting.

Quick Take: Attack Flow Overview

1. Origin: Newly created domains
2. Payload:  Malicious links with URL-encoded links
3. Techniques: Brand impersonation, Data harvesting
4. Target: Spray and pray – multiple sectors were targeted

You can read the full report here.

INKY analysts have identified a new phishing scheme utilizing weaponized RTF attachments.

Attack Flow Overview:

• Origin: Hijacked accounts & Japanese freemail accounts
• Payload:  Malicious link in RTF attachments
• Techniques: Personalized Phish, Brand Impersonation, Credential Harvesting, Cloud Service Abuse
• Target: Spray and pray – multiple sectors were targeted

You can read the details here.

INKY has published a new Fresh Phish talking about a complicated scheme leveraging legitimate Adobe and Constant Contact tools in a multi-layered attack.

Techniques include:

• Personalized phish — algorithms that extract the recipient’s domain and impersonate that domain to create a unique phish for each recipient.
• Image-based phish — textual phish message is embedded in an image.
• Malicious QR code- conceals the malicious URL from recipients and security software.
• Brand impersonation — uses company logos and trademarks to impersonate well-known brands in order to make an email or malicious site look more legitimate.
• Advanced fees scam — occurs when a victim thinks they are logging in to one of their resource sites but are really entering payment information into a dialog box owned by the attackers.

You can read the report here.

 INKY has published a new Fresh Phish that streaming subscribers should be very interested in.

According to INKY analysts, this type of phish has been impersonating streaming services such as Paramount, Netflix, and Disney+, utilizing phone scams and malicious links to harvest personal data. It’s totally worth reading as it goes into a whole lot of detail about how these scams work which means you have the means to identify these scams and protect yourself.

You can read this latest Fresh Phish here: https://www.inky.com/en/blog/fresh-phish-streaming-platforms-are-targeted-by-bad-actors-amid-the-real-actors-strike

INKY has published a new Fresh Phish that their analysts recently caught. This phish impersonates PepsiCo and uses a malicious disk image to execute code.

You can read the analysis here:

https://www.inky.com/en/blog/fresh-phish-pepsico-impersonation-scam-has-victims-bidding-for-new-business

INKY has published a Fresh Phish talking about a new HTML Smuggling Phish Kit that their researchers discovered. 

Attack Flow Overview:

• Origin: Hijacked accounts and Freemail users
• Payload:  HTML attachments 
• Techniques: Credential harvesting, HTML smuggling
• Target: Microsoft account holders

You can read it here.

 INKY has published a new Fresh Phish talking about a phishing trend using QR codes to harvest credentials. 

Here is an overview:

• Origin: Hijacked account and Freemail users
• Payload:  Malicious link in QR codes
• Techniques: Brand impersonation, Credential harvesting, Image-based phish, QR codes
• Target: Microsoft account holders

You can read INKY’s latest Fresh Phish here.

INKY has published a new Fresh Phish that impersonates OpenAI and takes numerous creative steps to harvest credentials. 

To give you an idea of the complexity, here is a recap of the techniques used in this phish:

• Brand impersonation — using brand logos and trademarks to impersonate well-known brands.
• Spoofing – disguising an email address so it appears to be from someone familiar. 
• Malicious links – a clickable link that directs users to an illegitimate or unsafe website, usually for the purpose of harvesting credentials.
• Credential harvesting — occurs when a victim thinks they are logging in to one of their resource sites but are really entering credentials into a dialog box owned by the attackers.
• Dynamic redirection — uses elements of the victim’s email address, particularly the domain, to guide the attack flow.

You can read their research here.