Phishing Campaign Uses Malicious Office 365 App

Phishing Campaign Uses Malicious Office 365 App

Most phishing campaigns use social engineering and brand impersonation to attempt to take over accounts and trick the victim into divulging their credentials. PhishLabs has uncovered a previously unseen tactic by attackers that uses a malicious Microsoft Office 365 App to gain access to a victim’s account without requiring them ... Read More
Active TrickBot Campaign Observed Abusing SendGrid and Google Docs

Active TrickBot Campaign Observed Abusing SendGrid and Google Docs

| | banking trojan, TrickBot
PhishLabs has observed an active TrickBot campaign targeting the employees of multiple organizations. Trickbot is a sophisticated successor of the Dyre Banking Trojan. It uses an intricate network of command and control servers (C2), web injects, and customized redirection attacks that leverage HTML or JavaScript injections to target numerous financial ... Read More
Active Office 365 Phishing Campaign Targeting Admin Credentials

Active Office 365 Phishing Campaign Targeting Admin Credentials

PhishLabs has detected attempts to compromise Microsoft Office 365 administrator accounts as part of a broad phishing campaign. In the campaign, the threat actor(s) delivered a phishing lure that impersonated Microsoft and their Office 365 brand but came from multiple validated domains - an educational institution for example - not ... Read More
Brain-Hacking Part 2: Ain’t Nobody Got Time for That!

Brain-Hacking Part 2: Ain’t Nobody Got Time for That!

Taking Advantage of Our Tendency to Simplify There’s an old joke floating around the Internet that claims NASA, upon discovering that standard ballpoint pens would not work in space, invested millions of dollars and years of R&D. The resulting pen was supposedly capable of writing in zero-G, on any surface, ... Read More
This message is from a trusted sender, or is it?

This message is from a trusted sender, or is it?

|
We’ve previously reported on how, due to the rise in phishing attempts leveraging SSL certificates, the icon in your web browser gives your users a false sense of security. The threat, however, doesn’t end with your web browser ... Read More
Science Of Persuasion

Brain-hacking: Why Social Engineering is so effective

You are affected by social engineering tactics every day ... Read More