Security News > 2021 > March > How phishing attacks evade traditional security defenses
A report issued on Tuesday by email security provider Armorblox looked at the tactics employed by three recent phishing campaigns and suggests ways to avoid these types of scams.
In each case, the emails were able to get past security defenses to end up in the inboxes of their targeted victims.
The page looks similar enough to the real Facebook login portal and conveys a sense of urgency so that some Facebook users may fill out the form without scrutinizing the URL. The phishing email in this attack got past both Cisco Email Security Appliance and Microsoft's Exchange Online Protection.
This Microsoft phishing email thwarted both Cisco E Email Security Appliance and Microsoft EOP. The email was assigned a Spam Confidence Level of -1 by Microsoft.
Clicking the link in the email had directed users to a phishing page hosted on Omnisend, an e-commerce email marketing and SMS platform.
The actual phishing email evaded the defenses of Symantec Advanced Threat Protection but got a Spam Confidence Level of 5 from Microsoft, which redirected it to the junk folders of recipients.
News URL
Related news
- CERT-UA Warns of Phishing Attacks Targeting Ukraine’s Defense and Security Force (source)
- Microsoft Fixes AI, Cloud, and ERP Security Flaws; One Exploited in Active Attacks (source)
- Phishing-as-a-Service "Rockstar 2FA" Targets Microsoft 365 Users with AiTM Attacks (source)
- Novel phishing campaign uses corrupted Word documents to evade security (source)
- GenAI makes phishing attacks more believable and cost-effective (source)
- Update your OpenWrt router! Security issue made supply chain attack possible (source)
- Inside the incident: Uncovering an advanced phishing attack (source)
- Microsoft enforces defenses preventing NTLM relay attacks (source)
- Ongoing phishing attack abuses Google Calendar to bypass spam filters (source)
- Cross-Domain Attacks: A Growing Threat to Modern Security and How to Combat Them (source)