Phishing Attacks Dodge Email Security

GovInfoSecurity.com

Doug Olenick

A fresh round of phishing attacks is relying on using trusted services and a well-designed social engineering scheme to trick users into enabling malware to bypass an end point's security protocols, the security firm Cofense says in a new report.

The attack profile centers on using legitimate file-sharing websites and invoice-themed phishing attacks to steal credentials and spread malware, Aaron Higbee, CTO and co-founder of Cofense, tells Information Security Media Group in a video interview.

"What we're seeing more and more these days is attackers leveraging valid third-party file transfer sites and valid web hosting sites like Office 365 to not only send their phishing emails, but also...

Get the Morning Update

© 2020 by HealthcareCISO.