2025-01-30 22:06:31 Pacfic
Email Security Providers Spoofed in Phishing Attacks - 11d
A new report from Cofense has revealed a rise in sophisticated phishing attacks that are now impersonating trusted email security providers like Proofpoint, Mimecast, and Virtru. These attacks utilize fake email attachments, phishing links, and credential-harvesting tactics designed to trick users into divulging sensitive information. By closely mimicking the branding and communications of these well-known security companies, threat actors are able to increase the likelihood that recipients will trust the emails and engage with malicious content.
The report details examples of attackers crafting highly convincing spoofed emails, including ones that appear to be from Proofpoint, Mimecast and Virtru. These emails often include embedded links or attachments designed to redirect users to fake login pages where their credentials can be stolen. While subtle clues such as mismatched sender domains and use of free email services may exist, the emails often appear legitimate. To combat these threats, organizations are urged to implement multifactor authentication, provide employee training on phishing recognition, and utilize advanced threat detection systems.
ImgSrc: d15shllkswkct0.cloudfront.net
References:
- BetaNews - Threat actors spoof email security providers - 12d
- @AAKL - Cofense: Phishing in Disguise: How Email Security Brand Spoofing Erodes Trust More: Threat actors spoof email security providers - 12d
- SiliconANGLE - Cofense report warns of credential-harvesting attacks that spoof Proofpoint, Mimecast and Virtru - 12d
Classification:
- HashTags: PhishingAttacks EmailSecurity CredentialTheft
- Company: Cofense
- Target: email users
- Product: email security providers
- Feature: email security spoofing
- Type: Phishing
- Severity: Medium