Security News > 2024 > August > Cybercriminals exploit file sharing services to advance phishing attacks

A file-sharing phishing attack is a unique type of phishing threat in which a cybercriminal poses as a known colleague or familiar file-hosting or e-signature solution and sends a target a malicious email containing a link to what appears to be a shared file or document.
File-sharing phishing attacks would be a pressing issue regardless of volume, as one single successful attack can have costly consequences.
The majority of these attacks were sophisticated in nature, with 60% exploiting legitimate domains, most commonly webmail accounts, such as Gmail, iCloud, and Outlook; productivity and collaboration platforms; file storage and sharing platforms like Dropbox; and e-signature solutions like Docusign.
"Very few companies block URLs from these services because they aren't inherently malicious. And by dispatching phishing emails directly from the services themselves, attackers hide in plain sight, making it harder for their targets to distinguish between legitimate and malicious communications. And when attackers layer in social engineering techniques, identifying these attacks becomes near-impossible."
The finance industry was found to be most at risk, with file-sharing phishing attacks making up one in ten attacks.
BEC attacks grew by more than 50% over the last year, with attacks on smaller organizations jumping nearly 60% in the last half.
News URL
https://www.helpnetsecurity.com/2024/08/20/file-sharing-phishing-attacks/
Related news
- Hackers Exploit AWS Misconfigurations to Launch Phishing Attacks via SES and WorkMail (source)
- Threat Actors Exploit ClickFix to Deploy NetSupport RAT in Latest Cyber Attacks (source)
- SonicWall firewall bug leveraged in attacks after PoC exploit release (source)
- New “whoAMI” Attack Exploits AWS AMI Name Confusion for Remote Code Execution (source)
- Microsoft: Hackers steal emails in device code phishing attacks (source)
- Cybercriminals Exploit Onerror Event in Image Tags to Deploy Payment Skimmers (source)
- Chinese Hackers Exploit MAVInject.exe to Evade Detection in Targeted Cyber Attacks (source)
- Cybercriminals shift focus to social media as attacks reach historic highs (source)
- Russian phishing campaigns exploit Signal's device-linking feature (source)
- Darktrace: 96% of Phishing Attacks in 2024 Exploited Trusted Domains Including SharePoint & Zoom Docs (source)