Dropbox Sign Breach Exposes Customer Data
Cloud storage giant Dropbox has recently disclosed a data breach affecting its eSignature service, Dropbox Sign (formerly HelloSign). The incident highlights the ongoing risks businesses…
Threat Actors Using Legitimate Software-As-A-Service Platforms to Create Malicious Phishing Websites
Description:
The number of phishing attacks using legitimate software-as-a-service (SaaS) platforms has risen by 1100% since June 2021, according to a report published by Palo Alto Networks Unit 42. Notably, there has been a recent huge spike in the number of detected phishing URLs hosted on SaaS platforms since May 2022.
Many threat actors use these platforms to get around URL detection systems, such as those used to scan emails. By hosting their malicious site on a legitimate platform, a phishing email containing a link to one of these sites is less likely to be flagged as malicious and has a higher chance of reaching the intended target.
Unit 42 has noted that as many of these SaaS platforms are designed to be easy to use with little or no coding skills required, the barrier for entry to creating and launching phishing attacks has been significantly lowered, perhaps contributing to the recent sharp rise in phishing URL’s detected and created using SaaS.
Preventions:
Phishing attacks are one of the most used methods by hackers to gain access to a system. To reduce the chances of a phishing attack from becoming successful:
- Turn on spam filters and investigate possible anti-phishing solutions. Using systems that detect phishing emails can help prevent these emails from reaching your users.
- Train staff to spot the signs of a phishing attack, such as looking for spelling mistakes, bad grammar, odd email handles and urgent requests.
- Should a phishing email land in your inbox, notify all staff to look out for similar emails. If possible, block the email domain and IP address.
- Create an atmosphere of trust within your organisation – ask staff to report any phishing emails as soon as possible, especially if they have clicked on any links or files within the email.
Related Links:
https://unit42.paloaltonetworks.com/platform-abuse-phishing/ – Published August 23rd
Related articles
Social Media Fraud: The Evolving Threat and How to Defend Yourself
Social media platforms offer connection and entertainment, but they’ve also become a hunting ground for sophisticated scammers. These criminals are increasingly turning to a combination…
DarkGate Malware: Threat Exploiting AutoHotkey
The DarkGate malware family, a persistent threat since 2018, has recently resurfaced in a sophisticated global campaign. This Remote Access Trojan (RAT), built using the…