BitDam Detects New Phishing Trends in December

BitDam, through this ongoing monthly series, today announced its detection of the leading phishing trends throughout December 2020, including more spoofing surrounding O365, fake Zoom invitations, and phishing attacks with attachments.

December’s findings include:

Fake Zoom Invitations Bypass Office ATP

  • BitDam noted the increased prevalence of a phishing email that looks like an invitation to a Zoom meeting containing a link to a video conference. Clicking it leads to a fake Microsoft login page asking for the user’s Office 365 credentials.
  • The fake webpage is hosted on a Google service which is considered safe by reputation-based security engines, allowing the email to bypass email defenses like Office ATP.
  • More details here.


A Growing Number of Phishing Attacks with Attachments

  • htm and html attacks are becoming more popular. They account for 25% of all phishing attacks BitDam detected in December compared to close to 0% in November and <5% in previous months.
  • The fact that these fake webpages (which typically impersonate Microsoft) are sent as attachments rather than links, makes it difficult for many email security solutions to detect them as phishing attempts.

Tailored O365 Fake Login Pages

  • Following a drastic drop in the prevalence of these attacks in the past few weeks (during November and the beginning of December), phishing scams that use tailored Office 365 fake login pages are back big time.
  • BitDam first reported this trend in October. Starting on the 2nd week of December, BitDam observed another wave of these attacks, which had almost disappeared in November, at its customer base.
  • More details here.

“As we turned the page on 2020, at BitDam we noted the continued evolution of phishing attempts and the creation of new log in pages that played host to malware.  What was most interesting was how hackers are ensuring their threats are passing reputation-basedbarriers,” said Liron Barak, CEO of BitDam. “We continue to stay ahead of the curve in identifying these threats, but more importantly the trends and changes that occur with hackers and malware. We plans to share our findings each month to ensure our customers and readers know exactly what we do regarding the trends and changes in the most prevalent spoofing and malware tricks.”

BitDam offers a free phishing scanner that identifies phishing links with the press of a button. The scanner is available at https://bitdam.com/is-this-phishing/. BitDam ATP protects email, cloud drives and instant messaging platforms from advance threats including malware and phishing.

For more information about BitDam’s offerings please visit:  https://bitdam.com

 

BitDam, through this ongoing monthly series, today announced its detection of the leading phishing trends throughout December 2020, including more spoofing surrounding O365, fake Zoom invitations, and phishing attacks with attachments.

December’s findings include:

Fake Zoom Invitations Bypass Office ATP

  • BitDam noted the increased prevalence of a phishing email that looks like an invitation to a Zoom meeting containing a link to a video conference. Clicking it leads to a fake Microsoft login page asking for the user’s Office 365 credentials.
  • The fake webpage is hosted on a Google service which is considered safe by reputation-based security engines, allowing the email to bypass email defenses like Office ATP.
  • More details here.


A Growing Number of Phishing Attacks with Attachments

  • htm and html attacks are becoming more popular. They account for 25% of all phishing attacks BitDam detected in December compared to close to 0% in November and <5% in previous months.
  • The fact that these fake webpages (which typically impersonate Microsoft) are sent as attachments rather than links, makes it difficult for many email security solutions to detect them as phishing attempts.

Tailored O365 Fake Login Pages

  • Following a drastic drop in the prevalence of these attacks in the past few weeks (during November and the beginning of December), phishing scams that use tailored Office 365 fake login pages are back big time.
  • BitDam first reported this trend in October. Starting on the 2nd week of December, BitDam observed another wave of these attacks, which had almost disappeared in November, at its customer base.
  • More details here.

“As we turned the page on 2020, at BitDam we noted the continued evolution of phishing attempts and the creation of new log in pages that played host to malware.  What was most interesting was how hackers are ensuring their threats are passing reputation-basedbarriers,” said Liron Barak, CEO of BitDam. “We continue to stay ahead of the curve in identifying these threats, but more importantly the trends and changes that occur with hackers and malware. We plans to share our findings each month to ensure our customers and readers know exactly what we do regarding the trends and changes in the most prevalent spoofing and malware tricks.”

BitDam offers a free phishing scanner that identifies phishing links with the press of a button. The scanner is available at https://bitdam.com/is-this-phishing/. BitDam ATP protects email, cloud drives and instant messaging platforms from advance threats including malware and phishing.

For more information about BitDam’s offerings please visit:  https://bitdam.com

 

Schedule a Demo

Enter your email to get a free trial invitation