Fraudsters take aim at active directory passwords
The fraudulent emails bear the Microsoft logo as well as Dotloop’s official email boilerplate. Dotloop is a US-based platform for conducting real estate transactions in a legally compliant manner. The phishing attack becomes apparent after the recipient has clicked on the button intended to open the contract document. The link leads to a fake Microsoft page, where victims are requested to log in using their email credentials. By looking closely at the browser’s address field, it becomes clear the address is not to be trusted.
“With this password, users are not only granting access to their emails,” underlines Martin Mathlouthi, Product Line Manager Secure Email Platform at Retarus. “As single sign-on is commonplace, this is also likely to be the password for the active directory, allowing the phishers to gain access to other critical company data.”
Avoid online fraud
These phishing emails currently in circulation confirm a trend that security experts at Retarus had already been observing. Poorly designed phishing emails with long, cryptic links and clumsy instructions in error-ridden English are now a thing of the past. The new generation of phishing emails is technically sophisticated, well-formulated, and professionally designed. The shape-shifting scammers disguise themselves as colleagues, supervisors, and business associates, even addressing their victims in the name of official institutions, renowned financial service providers, and online portals.
The Retarus’ Anti-Phishing Guide, which is available for free download, details how employees can best protect themselves from phishing emails (even when working from home), which details to use to recognize well-crafted fraudulent emails, and the best practices for when it is unclear if a message is genuine. The analysts at Forrester also describe what to look out for in an anti-phishing service, and outline the various methods commonly used to defend against phishing in their Now Tech: Antiphishing Solutions, Q1 2019 report.
Advanced Threat Protection
Retarus’ Secure Email Platform provides comprehensive protection, even from highly deceptive phishing emails, by virtue of its Advanced Threat Protection. This includes Time of Click Protection, which checks links contained in emails in real-time and effectively blocks phishing websites.