Collaborate Disseminate
By Chris Hall, Professional Services There are plenty of websites offering URL scanning for malicious links. Their tools are a quick and easy way to analyze a URL without visiting the site in a sandboxed environment. Widely used, these tools are accura… Continue reading Are URL Scanning Services Accurate for Phishing Analysis?
By Milo Salvia, CofenseTM Phishing Defense CenterTM This blog has been updated since its first appearance on October 17, 2019 to include information related to the threat origin and bypassed email gateways. The Cofense Phishing Defense Center (PDC) has… Continue reading New Credential Phish Masks the Scam Page URL to Thwart Vigilant Users
By Milo Salvia, CofenseTM Phishing Defense CenterTM This blog has been updated since its first appearance on October 17, 2019 to include information related to the threat origin and bypassed email gateways. The Cofense Phishing Defense Center (PDC) has… Continue reading New Credential Phish Masks the Scam Page URL to Thwart Vigilant Users
By Milo Salvia, Cofense Phishing Defense CenterTM The Cofense Phishing Defense Center (PDC) has observed a phishing campaign that aims to harvest credentials from Stripe, the online payment facilitator handling billions of dollars annually, making it a… Continue reading This Credential Phish Masks the Scam Page URL to Thwart Vigilant Users
By Milo Salvia, Cofense Phishing Defense CenterTM The Cofense Phishing Defense Center (PDC) has observed a phishing campaign that aims to harvest credentials from Stripe, the online payment facilitator handling billions of dollars annually, making it a… Continue reading This Credential Phish Masks the Scam Page URL to Thwart Vigilant Users
By Hunter Johnson, Cofense Professional Services Cofense has observed threat actors employing a modified version of a sextortion scam using alternative crypto currencies to bitcoin. Typical sextortion scams claim to have installed malware on recipient… Continue reading New Phishing Sextortion Campaign Using Alternative Crypto Currencies to Evade Detection
By Hunter Johnson, Cofense Professional Services Cofense has observed threat actors employing a modified version of a sextortion scam using alternative crypto currencies to bitcoin. Typical sextortion scams claim to have installed malware on recipient… Continue reading New Phishing Sextortion Campaign Using Alternative Crypto Currencies to Evade Detection
Last week, the Cofense Phishing Defense CenterTM observed phishing threat actors using low-level trickery to avoid detection, by utilizing basic percentage-based URL encoding. This takes advantage of Google’s nifty ability to decode the encoded URL dat… Continue reading Threat Actors Use Percentage-Based URL Encoding to Bypass Email Gateways
Last week, the Cofense Phishing Defense CenterTM observed phishing threat actors using low-level trickery to avoid detection, by utilizing basic percentage-based URL encoding. This takes advantage of Google’s nifty ability to decode the encoded URL dat… Continue reading Threat Actors Use Percentage-Based URL Encoding to Bypass Email Gateways
Phishing threat actors are using Captcha methods to bypass automated URL analysis. By using Captcha techniques to prove human presence, the phish prevents the secure email gateway (SEG), in this case Mimecast’s gateway, from scanning the URL thereby en… Continue reading New Phishing Campaign Uses Captcha to Bypass Email Gateway