BitDam Detects New Phishing Trends in September

September brought phishing with Adobe user credentials and a new CAPTCHA evasion technique as phishing threats continue their upward trajectory in 2020

Through this ongoing monthly series, BitDam announced its detection of the leading phishing trends throughout September 2020, including the ongoing popularity of the Microsoft brand as a phishing target.  September’s findings include:

 

An increase in Adobe user credentials stolen using an html attachment

  • BitDam observed growth by hundreds of percentage points in the number of phishing attacks that utilized an html attachment instead of a link. This malicious html sends victims to something that looks an Adobe webpage, asking for their credentials.
  • BitDam has previously seen this attack technique, but it was quite rare. It became much more common during September, with many of BitDam customers targeted by this attack.

     

 

The use of CAPTCHA as an evasion technique for phishing attacks

  • BitDam identified a drastic increase in the number of phishing attacks using a CAPTCHA defender to bypass security tools. These attacks bypassed leading Secure Email Gateway (SEG) solutions and even Advanced Threat Protection products including Office ATP and Proofpoint TAP.
  • The prevalence of this phishing technique among BitDam’s customers grew by hundreds of percentage points last month. Scanning all attacks from various feeds, BitDam observed the same trend elsewhere, as well.
  • There are additional details in this blog post.

Microsoft continues to be the most popular fake brand

  • In August, 18% of the phishing attacks detected by BitDam were impersonations of Microsoft, with it being the most common brand faked by phishing scammers. This trend continued in September, where almost 20% of the phishing attacks detected by BitDam were impersonating Microsoft, luring users to enter their Microsoft usernames and passwords.

 

“Phishing attacks continued to rise and that was certainly not surprising. What was unique in September is that some previously identified low-level attacks grew exponentially in their prevalence,” said Liron Barak, CEO of BitDam. “As phishing attacks continue to evolve, here at BitDam we have the experience and expertise to stay one step ahead of those bad actors who are looking to steal your data. We’re happy to keep our customers and anyone else interested updated on the latest trends in phishing techniques.”

BitDam offers a free phishing scanner that identifies phishing links with the press of a button. The scanner is available at https://bitdam.com/is-this-phishing/. BitDam ATP protects email, cloud drives and instant messaging platforms from advance threats including malware and phishing.

September brought phishing with Adobe user credentials and a new CAPTCHA evasion technique as phishing threats continue their upward trajectory in 2020

Through this ongoing monthly series, BitDam announced its detection of the leading phishing trends throughout September 2020, including the ongoing popularity of the Microsoft brand as a phishing target.  September’s findings include:

 

An increase in Adobe user credentials stolen using an html attachment

  • BitDam observed growth by hundreds of percentage points in the number of phishing attacks that utilized an html attachment instead of a link. This malicious html sends victims to something that looks an Adobe webpage, asking for their credentials.
  • BitDam has previously seen this attack technique, but it was quite rare. It became much more common during September, with many of BitDam customers targeted by this attack.

     

 

The use of CAPTCHA as an evasion technique for phishing attacks

  • BitDam identified a drastic increase in the number of phishing attacks using a CAPTCHA defender to bypass security tools. These attacks bypassed leading Secure Email Gateway (SEG) solutions and even Advanced Threat Protection products including Office ATP and Proofpoint TAP.
  • The prevalence of this phishing technique among BitDam’s customers grew by hundreds of percentage points last month. Scanning all attacks from various feeds, BitDam observed the same trend elsewhere, as well.
  • There are additional details in this blog post.

Microsoft continues to be the most popular fake brand

  • In August, 18% of the phishing attacks detected by BitDam were impersonations of Microsoft, with it being the most common brand faked by phishing scammers. This trend continued in September, where almost 20% of the phishing attacks detected by BitDam were impersonating Microsoft, luring users to enter their Microsoft usernames and passwords.

 

“Phishing attacks continued to rise and that was certainly not surprising. What was unique in September is that some previously identified low-level attacks grew exponentially in their prevalence,” said Liron Barak, CEO of BitDam. “As phishing attacks continue to evolve, here at BitDam we have the experience and expertise to stay one step ahead of those bad actors who are looking to steal your data. We’re happy to keep our customers and anyone else interested updated on the latest trends in phishing techniques.”

BitDam offers a free phishing scanner that identifies phishing links with the press of a button. The scanner is available at https://bitdam.com/is-this-phishing/. BitDam ATP protects email, cloud drives and instant messaging platforms from advance threats including malware and phishing.

- Video Talk -

Get into The Phisher's Mind

28 October, 10am EST

Schedule a Demo

Enter your email to get a free trial invitation