Anatomy of a Phishing Attack: Stolen Microsoft 365 Credentials
by Daria Aleksandrova
Phishing attacks designed to steal Microsoft 365 credentials are launched every day and growing more sophisticated. We recently detected a massive attack that hid a fake Microsoft 365 login page in the incoming emails’ attachments.
Over the years, enterprise security teams and threat actors have been involved in a never-ending game of cat and mouse. Organizations pour millions of dollars to stop advanced threats, but threat actors continue finding ways to evade detection by either enhancing their code or simply repackaging malware in more ways than one. This blog discusses the use of multiple components, including the use of legitimate software and encryption to deliver malware in a new manner.
Spear Phishing, Whaling, and Delayed Detonation, Oh My!
by Cyren Security Blog
Companies worldwide are up against sophisticated email attacks like Business Email Compromises (BEC). These attacks are also known as spear phishing, impersonation, and whaling, with the goal of convincing an end-user to release money or provide account information.
How Machine Learning Is Building a Better Spam Trap
by Cyren Security Blog
Bad actors are constantly raising the ante on email scams. According to Microsoft, “phishers have been quietly retaliating, evolving their techniques to try and evade protections. In 2019, we saw phishing attacks reach new levels of creativity and sophistication.”
Microsoft 365 Is Wildly Successful and Profoundly Vulnerable - Here’s Why
by Cyren Security Blog
Microsoft 365 has been adopted and used at an enormous rate and now powers 600,000 companies in the United States alone. Also enormous? The 78% of Microsoft 365 administrators who reported successful security breaches, citing email phishing as the leading cause.
