Geek Squad Vishing Attack Bypasses Email Security to Hit 25K Mailboxes (June 2021)

According to researchers at Armorblox, the emails bypassed native Microsoft email security controls along with email security engines like Exchange Online Protection and Proofpoint, landing in tens of thousands of corporate inboxes.
The attackers used the same look and feel from a branding perspective as the real Geek Squad, Iyer said, and the email body language "carefully [tread] the line between vagueness and urgency-inducing specificity."
Otherwise, the emails used the same approach as in the Geek Squad campaign, being also sent from a Gmail account and with the same "Order Confirmation" subject line, according to the researcher.
"If the number here was taken down, it's very easy for the attackers to stand up another number and repeat the attack flow, because they know the email is getting past traditional email-security controls."
To protect against these types of scams, organizations should not only augment native email security with additional controls but also layer on employee training, especially on engaging with familiar-seeming emails in a rational and methodical manner.
"Subject the email to an eye test that includes inspecting the sender name, sender email address, language within the email and any logical inconsistencies within the email," Iyer suggested.
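The sender-name, sender-address and content checks from the "eye test" above can also be automated as a mail-filter heuristic. The following is an added example, not code from Armorblox or the original article; the brand-to-domain map, freemail list, signal names and two-signal threshold are assumptions, and both messages are constructed samples.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumed values for illustration; tune to your own mail flow.
FREEMAIL = {"gmail.com", "outlook.com", "yahoo.com"}
BRAND_DOMAINS = {"geek squad": {"geeksquad.com", "bestbuy.com"}}
PHONE = re.compile(r"\+?1?[\s.-]?\(?\d{3}\)?[\s.-]?\d{3}[\s.-]?\d{4}")
URL = re.compile(r"https?://", re.I)

def body_text(msg):
    """Concatenate the text/plain parts of a parsed message."""
    parts = [p for p in msg.walk() if p.get_content_type() == "text/plain"]
    return "\n".join(
        (p.get_payload(decode=True) or b"").decode(errors="replace") for p in parts)

def eye_test(raw):
    """Return the list of signals raised by one raw RFC 5322 message."""
    msg = message_from_string(raw)
    name, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    subject = msg.get("Subject", "")
    body = body_text(msg)
    claimed = " ".join((name, subject, body)).lower()
    findings = []
    for brand, domains in BRAND_DOMAINS.items():
        # Brand named in the mail, but the sender is not on a brand domain.
        if brand in claimed and domain not in domains:
            findings.append("brand_sender_mismatch")
            if domain in FREEMAIL:
                findings.append("freemail_sender")
    if "order confirmation" in subject.lower():
        findings.append("order_confirmation_subject")
    # A phone number with no link: the call to action is a callback.
    if PHONE.search(body) and not URL.search(body):
        findings.append("callback_number_only")
    return findings

def suspicious(raw, threshold=2):
    """Assumed policy: two or more signals warrant quarantine or review."""
    return len(eye_test(raw)) >= threshold

# Constructed samples, not real campaign mail.
LURE = ("From: Geek Squad <billing.team.example@gmail.com>\n"
        "Subject: Order Confirmation\n\n"
        "Your Geek Squad plan was renewed. To dispute the charge, "
        "call +1 (555) 010-0199.\n")
BENIGN = ("From: Geek Squad <orders@bestbuy.com>\n"
          "Subject: Order Confirmation\n\n"
          "View your order at https://www.bestbuy.com/orders\n")
```

The subject line alone raises only one signal, so the constructed legitimate receipt stays below the threshold while the Gmail-sent lure raises all four.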
News URL
https://threatpost.com/geek-squad-vishing-bypasses-email-security/167014/