![]() ![]() It links to a document in Evernote–not a malicious site.įrom a security perspective, this looks clean. The account was compromised, so the email will pass all authentication measures. It starts with an email from the President of an organization. This attack is a hallmark of that difficulty. In this case, there’s a document on Evernote that leads to a fake login page to steal credentials.īusiness Email Compromise attacks are tough to stop from a security perspective, and tough to recognize from an end-user perspective. Recently, according to Huntress, there’s been an uptick in hosting malicious documents on Evernote. ![]() But Evernote, like many legitimate websites, is being increasingly used for hacking. The Evernote page has since been taken down. The attached message leads to an email saying there’s a “secure message.’ The link goes to an Evernote page. Hackers will often spoof executives using trickery in the sender field in this case, the president of the organization was actually compromised, and thus is sent directly from that person’s account. This starts as an attached message, sent directly from the president of the organization in question. In this attack, hackers are using Evernote links to host malicious messages that are sent in Business Email Compromise attacks In this attack brief, researchers at Avanan, a Check Point Software Company, will discuss how threat actors are using the legitimacy of Evernote to help make their BEC attacks even more convincing. In this BEC attack, we’ve seen hackers get even more creative. If you get an email from your “CEO” asking you to pay an invoice, or worse money to a customer, do you say no? That’s what hackers are hoping for. Think about it from an end-user perspective. ![]() These attacks have led to significant financial losses, primarily because they seem real. ![]() (BEC attacks can also involve malware or malicious links, but the toughest ones to stop are primarily text-based.) There are a number of variants, but in general, these attacks spoof someone in your organization, often an executive, and don’t use any malware or malicious links. Business Email Compromise attacks are one of the fastest-growing and most difficult-to-stop attacks in the cybersecurity space. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |