Security News > 2021 > March > How phishing attacks evade traditional security defenses

A report issued on Tuesday by email security provider Armorblox looked at the tactics employed by three recent phishing campaigns and suggests ways to avoid these types of scams.
In each case, the emails were able to get past security defenses to end up in the inboxes of their targeted victims.
The page looks similar enough to the real Facebook login portal and conveys a sense of urgency so that some Facebook users may fill out the form without scrutinizing the URL. The phishing email in this attack got past both Cisco Email Security Appliance and Microsoft's Exchange Online Protection.
This Microsoft phishing email thwarted both Cisco E Email Security Appliance and Microsoft EOP. The email was assigned a Spam Confidence Level of -1 by Microsoft.
Clicking the link in the email had directed users to a phishing page hosted on Omnisend, an e-commerce email marketing and SMS platform.
The actual phishing email evaded the defenses of Symantec Advanced Threat Protection but got a Spam Confidence Level of 5 from Microsoft, which redirected it to the junk folders of recipients.
News URL
Related news
- Microsoft: Hackers steal emails in device code phishing attacks (source)
- Darktrace: 96% of Phishing Attacks in 2024 Exploited Trusted Domains Including SharePoint & Zoom Docs (source)
- Phishing attack hides JavaScript using invisible Unicode trick (source)
- FatalRAT Phishing Attacks Target APAC Industries Using Chinese Cloud Services (source)
- CrowdStrike Security Report: Generative AI Powers Social Engineering Attacks (source)
- Hackers Exploit AWS Misconfigurations to Launch Phishing Attacks via SES and WorkMail (source)
- YouTube warns of AI-generated video of its CEO used in phishing attacks (source)
- Ukrainian military targeted in new Signal spear-phishing attacks (source)
- AI-Powered SaaS Security: Keeping Pace with an Expanding Attack Surface (source)
- After Detecting 30B Phishing Attempts, Microsoft Adds Even More AI to Its Security Copilot (source)