According to Microsoft, Safe Links is a feature of Microsoft 365 Defender (f.k.a. Advanced Threat Protection, Microsoft Defender for Office 365) that helps protect from...
Cyren Security Blog Categories
Alert: Fraudsters Stealing Bank Account Details via Fake Facebook Pages
I recently received an SMS notification from my bank about possible fraudulent activity on my credit card account. While waiting for an agent to take my call, I browsed...
How Phishers Abuse Hypertext Transfer Protocol Secure (HTTPS) Protocol
What is the first thing that comes to mind when we see sites using HTTPS protocol? Subconsciously we tend to trust these sites presuming that all that we see and/or...
SolarMarker Backdoor Pretends to be Legit PDFescape Installer
The modified installer of legit "PDFescape Desktop Installer" app looks like this: Fake PDFescape Desktop Installer App SHA-256:...
Dissecting a UnionBank Phishing Campaign
We have been seeing email notifications about login attempts to UnionBank online accounts, prompting users to reset their password if they found the login attempts were...
Fake DocuSign Download Page Leads to Hentai Onichan Ransomware
We recently received samples that we suspected were “phishy” in nature, but after analyzing the email attachment a severe threat was exposed. Figure 1.0 Email sample...
A Dridex Phishing Campaign
The “Purchase” themed email is a commonly used subject in phishing campaigns. Threat actors can easily scrape the internet, in other words, specific data is very easily...
Loose SPF, DKIM, DMARC, and ARC Settings Sabotage Security
It’s safe to say that all of our Cyren Inbox Security customers use the native Office 365 security capabilities of Exchange Online Protection and Advanced Threat...
“Are you satisfied?” Cyren sees increasing use of forms in account takeover attacks
Every internet user participates in surveys every day: “Do you like our service?” “Are you satisfied with the order?” “Please, fill the form below to make us better for...