cryptocurrency_platform

Damn - Phishing attacks are getting really good, share yours

 

We've been in cybersecurity for years, but the latest phishing attacks are getting really good. They've been to social selling school, sending multiple emails with similar messages, each one more urgent, the latest one I (David Nevin) received this week threatened that Microsoft will shut down my email account.

 

If I was a busy corporate type trying to clear my inbox, it would be easy to click the link to "Resolve the issues with my email".  Good thing they aren't that good at spoofing Outlook accounts to send mail from, and by looking at the email header, it's easy to see that the true sender is Gmo Cloud K.k. from Ota Japan using IP 153.122.42.183. Here is Office-365 Spoof:

 

Apsecuri

 

They did enough research to determine I'm an Outlook-365 User, but their spelling still needs work, it's Microsoft Security Team, not Microsft Security Team.

 

Share your best or latest phishing attack, maybe it'll stop somebody from clicking on the link that's really a CSRF or XSS payload attack.  If you need help determining who is sending the emails so your IT can block future attacks, we'll do that for Free. Contact us at security@appsecuri.com

 

David Nevin
VP Business Development
415-827-5100

Cryptocurrency platform mitigates high severity vulnerability before Server Takeover can be exploited

Servers/databases are the critical assets of the company; it is challenging to keep the data secure ...

Read More

Vulnerability Scanning vs Penetration Testing - Get Clear picture of Both.

At the point when individuals misunderstand the contrasts between penetration testing and vulnerabil ...

Read More
Here you'll find all the latest industry news and research by the experts at Appsecuri.

name


email


phone


message


Congratulations. Your message has been sent successfully.
Error, please retry. Your message has not been sent.

Request our free 24-Hour penetration test and get vulnerability report.


  • Evaluate skills before any type of engagement with Appsecuri.
  • Level-1 Testing with manual approach in addition to static/dynamic.
  • Get a clear picture of root findings with mitigations in the report.
  • 90% of the time we find unknown hidden critical/high vulnerabilities.



Leave a Reply

Your email address will not be published.


Comment


Name

Email

Url