How Phishing Emails Bypass Email Filters

Hey everyone, hope you’re all doing well in beautiful San Francisco! It’s time to chat a bit about phishing again, that pesky email threat that doesn’t seem to want to leave us alone. You know, the one where someone masquerades as a trusted entity and tries to swipe your sensitive data or get you to download harmful software? Yeah, that one.

Let’s get some numbers out there: Can you imagine 963,000 phishing attacks in just the first quarter of 2024 alone? I know it’s hard to believe, but that’s the reality. A little staggering, isn’t it?

Oh, and wire fraud isn’t giving us any respite either. Requests have increased by a whopping 50% and now they’re at around $84,000 per transaction. Seems like the cybercrime economy’s making the most out of phishing, doesn’t it?

Our friends over at LevelBlue Labs have done a bit of detective work to figure out how these pesky messages bypass our email safeties. Sophisticated evasion techniques are letting them sneak past filters.

You ask, what kind of tricks? Well, think fancy schemes that involve voice phishing (also known as vishing), delivering harmful files through compromised SharePoint accounts, and yes, even sending targeted phishing emails from legitimate personal accounts, including good old Yahoo.

And, to top it all off, these folks have turned manipulating people into an art form, creating illusions of urgency and appropriating trusted domains to seem genuine.

To add more smoke and mirrors, these bad actors exploit loopholes in email security, making their strikes appear legit while at the same time targeting small groups to avoid volume-based red flags. They even alter their methods to appear as a friend in your inbox. It’s as if they’ve got an invisibility cloak!

Wait, there’s more. They’re manipulating ZIP archives (a file containing one or two elements) to hide the harmful content. As a result, many email filters inspect only the harmless “decoy” part, unknowingly letting the malware sneak into the system.

Another tactic is to reverse the email’s source code to modify the final display. Combining Latin and Arabic scripts, they play around with text direction to confuse email filters. Sneaky, right?
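Here is one way a filter could catch the text-direction trick, as an added example that is not from LevelBlue Labs or this post. It assumes the trick relies on Unicode bidirectional control characters or HTML/CSS direction overrides, and all function names and the sample message are made up for illustration.

```python
import re
import unicodedata

# Unicode controls that embed, override or isolate text direction.
BIDI_CONTROLS = {
    "\u202a": "LRE", "\u202b": "RLE", "\u202c": "PDF", "\u202d": "LRO",
    "\u202e": "RLO", "\u2066": "LRI", "\u2067": "RLI", "\u2068": "FSI",
    "\u2069": "PDI", "\u200e": "LRM", "\u200f": "RLM",
}
# HTML/CSS constructs that flip direction (assumed to be in scope here).
HTML_DIRECTION = re.compile(
    r"dir\s*=\s*[\"']?rtl|direction\s*:\s*rtl|unicode-bidi\s*:\s*bidi-override|<bdo\b",
    re.IGNORECASE,
)
# A right-to-left override run: RLO, content, optional closing PDF.
RLO_SPAN = re.compile("\u202e([^\u202c]*)\u202c?")

def scripts_in(text):
    """Return which of LATIN / ARABIC appear among the letters of text."""
    found = set()
    for ch in text:
        if ch.isalpha():
            name = unicodedata.name(ch, "")
            found.update(s for s in ("LATIN", "ARABIC") if name.startswith(s))
    return found

def direction_findings(body):
    """List direction-related signals; these are signals, not verdicts."""
    findings = []
    controls = sorted({BIDI_CONTROLS[c] for c in body if c in BIDI_CONTROLS})
    if controls:
        findings.append("bidi-controls:" + ",".join(controls))
    if HTML_DIRECTION.search(body):
        findings.append("html-direction-override")
    if scripts_in(body) >= {"LATIN", "ARABIC"}:
        findings.append("mixed-latin-arabic")
    return findings

def display_text(body):
    """Approximate what the reader sees: reverse RLO runs, drop controls."""
    shown = RLO_SPAN.sub(lambda m: m.group(1)[::-1], body)
    return "".join(c for c in shown if c not in BIDI_CONTROLS)

# Constructed sample: stored text differs from what is displayed.
SAMPLE = "Reset your \u202edrowssap\u202c now \u0645\u0631\u062d\u0628\u0627"

if __name__ == "__main__":
    print(direction_findings(SAMPLE))
    print(display_text(SAMPLE))
```

Running keyword rules against `display_text()` as well as the raw body lets them see the words the reader sees. Legitimate Arabic-language mail will also trip the mixed-script signal, so treat it as one input to scoring.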

Oh, aren’t these baddies innovative? But we need to remember, they only slip past because they don’t match recognized phishing models. So, let’s keep our guard up and stay alert to these ever-changing tactics.

And, always remember, knowledge is power. Let’s make sure we stay informed, vigilant and proactive in securing our data. The cat-and-mouse game continues in the cyber world, and we are up for the challenge, right? Spread the word and let’s keep San Francisco safe!

by Morgan Phisher | HEAL Security
