Security News > 2021 > June > Geek Squad Vishing Attack Bypasses Email Security to Hit 25K Mailboxes
According to researchers at Armorblox, the emails bypassed native Microsoft email security controls along with email security engines like Exchange Online Protection and Proofpoint, landing in tens of thousands of corporate inboxes.
The attackers used the same look and feel from a branding perspective as the real Geek Squad, Iyer said, and the email body language "Carefully [tread] the line between vagueness and urgency-inducing specificity."
Otherwise, the emails used the same approach as in the Geek Squad campaign, being also sent from a Gmail account and with the same "Order Confirmation" subject line, according to the researcher.
"If the number here was taken down, it's very easy for the attackers to stand up another number and repeat the attack flow, because they know the email is getting past traditional email-security controls."
To protect oneself from these types of scams, organizations should not only augment native email security with additional controls, but also layer on additional employee training, especially when it comes to engaging with familiar-seeming emails in a rational and methodical manner.
"Subject the email to an eye test that includes inspecting the sender name, sender email address, language within the email and any logical inconsistencies within the email," Iyer suggested.
News URL
https://threatpost.com/geek-squad-vishing-bypasses-email-security/167014/
Related news
- T-Mobile US 'monitoring' China's 'industry-wide attack' amid fresh security breach fears (source)
- Microsoft Fixes AI, Cloud, and ERP Security Flaws; One Exploited in Active Attacks (source)
- North Korean Kimsuky Hackers Use Russian Email Addresses for Credential Theft Attacks (source)
- Phishers send corrupted documents to bypass email security (source)
- Update your OpenWrt router! Security issue made supply chain attack possible (source)
- CERT-UA Warns of Phishing Attacks Targeting Ukraine’s Defense and Security Force (source)
- Cross-Domain Attacks: A Growing Threat to Modern Security and How to Combat Them (source)