Email security news & analysis | SC Media

Email Security News and Analysis

BEC scams grow in complexity as Russian actors launch Cosmic Lynx operation

A newly reported and unusually sophisticated Business Email Compromise (BEC) operation may serve as a model for other cybercriminals looking to up their social engineering game and cash in on a lucrative illegal pastime. In a press release, blog post and detailed dossier (accessible via the blog post), researchers from Agari who discovered the operation…

M3AAWG issues email authentication advice for security pros

The Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) has put out a joint call-to-action with Google and Verizon for the security industry to take more proactive measures to authenticate and secure their sending domains and email addresses by deploying email authentication at scale. Preventing rampant phishing during the COVID-19 period should be a top…

Black Lives Matter phishing scam looks to spread TrickBot malware

Scammers often craft social engineering schemes around major crises and news events, as demonstrated by the wealth of coronavirus-themed phishing campaigns seen this year. Now, as massive U.S. and global protests continue following the May 25 killing of George Floyd at the hands of a Minneapolis police officer, a new phishing operation is attempting to…

Phishing campaign targets remote workers with fake voicemail notifications

Looking for new angles to socially engineer employees working from home under COVID-19 conditions, attackers have devised a new phishing campaign that distributes emails that look as if they were generated by  Private Branch Exchange (PBX), a legacy technology that integrates with employees’ email clients so they can receive their voicemail recordings. In a company…

States’ lack of DMARC adoption ups risk of Covid-19 email spoofing scams

As phishing scammers actively impersonate institutions like the World Health Organization and Centers for Disease Control and Prevention in order to capitalize on Covid-19 fears, government bodies and state-run health care organizations continue to make themselves vulnerable to email spoofing by failing to employ DMARC email validation protections, a new report states. An investigation by…

Form-based phishing attacks impersonate branded file-sharing, productivity sites

Researchers are warning users to be on the lookout for form-based phishing attacks whereby scammers abuse or imitate branded file-sharing, content-sharing and productivity websites in order to trick users into giving up their credentials or their account access. In a blog post on Thursday, Barracuda Networks says that from January through April 2020, these form-based…

Email phishing scam impersonates LogMeIn to trick remote workers

Add LogMeIn to the list of remote services and collaboration platforms whose users are being targeted by phishing scammers seeking to take advantage of businesses’ current work-from-home policies under COVID-19. In a company blog post, Abnormal Security researchers reported witnessing an influx of campaigns targeting LogMeIn — provider of cloud-based remote connectivity services for collaboration,…

Aggah malspam campaign updated with new payloads

An updated Aggah malspam campaign is distributing malicious Microsoft Office documents designed to trigger a multi-stage infection in order to a target a user’s endpoint. The campaign is depositing Agent Tesla, njRAT and Nanocore RAT in a attack that is being run out of several Pastebin accounts, reported Cisco Talos. As with previous Aggah attacks,…

Compromised email account leads to Saint Francis Ministries data breach

An unauthorized party gained entry into an an employee’s email account at Saint Francis Ministries, accessing sensitive personal identifying information, as well as financial and protected health data. In an online notification and corresponding press release, the Salina, Kan.-based non-profit organization said the actor accessed the account between Dec. 13 and 20 of 2019. Saint…

trojan, RAT

Upgraded malicious Word, Excel attachments targeting WFH employees

Cybercriminals are updating their tactics when it comes to using malicious attached Microsoft Word and Excel documents to not only fool the human recipients, but a device’s security software. An increase in the number of Excel spreadsheets being used to deliver the LimeRAT remote access trojan using the VelvetSweatshop default password has been tracked by…

Next post in Email Security