Cybercriminals use legitimate websites to obfuscate malicious payloads

2023-06-02 03:30

According to Egress, the evolving attack methodologies currently used by cybercriminals are designed to get through traditional perimeter security.

"Although traditional signature-based detection can filter out phishing emails with known malicious payloads, cybercriminals are constantly refining their attack methods to bypass existing detection systems and appear more credible to their victims. Our report reveals that attacks are increasingly leveraging social engineering, advanced technical measures, and compromised email addresses to deliver sophisticated payloads or defraud organizations. Every attack we analyzed had bypassed other forms of anti-phishing detection, including secure email gateways," Chapman continued.

Cybersecurity experts are grappling with new strategies that surpass conventional domain-based inspection methods, with a growing focus on exploiting legitimate business tools like SharePoint and other trusted sources to deliver attacks.

Using legitimate hyperlinks for reputable brands as carriers for malicious payloads enables attacks to bypass standard link checks.

When analyzing these attacks, researchers found that 71% of the attachment-based payloads were HTML smuggling attacks.

Organizations must adapt their defenses as cybercriminals continue to evolve their attacks.

News URL

https://www.helpnetsecurity.com/2023/06/02/evolving-attack-methodologies/

#cybercriminal