New phishing tactic hijacks email protections to mask links>
SC Magazine – Laura French
Barracuda, an email security company, recently exposed a phishing campaign that exploits legitimate URL protection services to conceal malicious email links
The attackers use compromised business accounts with URL protection to generate pre-wrapped phishing links, making them less likely to be detected and filtered automatically
The campaign, which began in mid-May 2024, has targeted hundreds of organizations
Phishing emails include fake password reset reminders and DocuSign documents that lead victims to malicious websites
The attackers likely used compromised business accounts to create the wrapped links, copying the rewritten URLs for their phishing emails
Barracuda emphasized the importance of deploying products with multiple defense layers to combat such attacks
The company’s own Email Protection service uses machine learning and LinkProtect to minimize user interaction with malicious links
This campaign is similar to previous ones where attackers used link-shortening services, LinkedIn Smart Links, Google’s Accelerated Mobile Pages (AMP) framework, and public cloud services to disguise phishing links with legitimate domains
These tactics highlight the need for comprehensive email protection beyond basic domain filtering to effectively defend against increasingly sophisticated phishing attempts.
Link: https://www.scmagazine.com/news/new-phishing-tactic-hijacks-email-protections-to-mask-links