Remember meForgot password?
    Log in with Twitter

article imagePhishing attack used Box to land in victim inboxes Special

By Tim Sandle     Sep 7, 2020 in Technology
It has been revealed that a phishing attack targeting government and security organisations used a legitimate Box page with Microsoft 365 branding to trick victims. Ed Macnair explains more.
It appears the credential phishing campaign used a legitimate Box webpage and exploited the widespread trust in Microsoft 365 in order to capture victims' credentials in a convoluted attack chain.
To gain an insight into the attack, Digital Journal caught up with Ed Macnair, CEO of Censornet.
Macnair begins by detailing the form of the attak and how it works in practice, explaining: “This is yet another example of the growing trend of cross-channel attacks, which build on the traditional phishing technique to make it harder to spot and block. They use legitimate landing pages and Microsoft branding to lure in unsuspecting victims and dupe them into handing over their details."
Macnair says the targets are also of interest: "The targeting of government and cyber security organisations shows that even those with the most sophisticated security can be tricked by this complicated attack technique."
Looking at the form of the attack in more detail, Macnair notes: "With cross channel attacks, the criminals leverage the trust that people have in applications like Box and exploit gaps in and between their security systems. What starts as an email attack, through various misdirects and redirects becomes a web security issue, and by focusing on capturing the credentials for business critical sites and applications like Office 365, attackers open up the lucrative doorway to compromise whole application suite environments."
In terms of lessons for businesses, Macnair says: "It is important to maintain a level of caution around third party apps, however regularly we may use them, and especially any message asking for credentials. Organisations must educate employees on best practice so that these cross-channel attacks are spotted early and treated with caution."
Things don't end here Macnair adds: "As phishing scams grow in sophistication, employee education needs to be bolstered with effective security measures. These attacks are no longer limited to email, so security measures also need to evolve to meet new demands. This means integrating and sharing threat information between email, web, and cloud security to make sure threats do not slip through the gaps. In addition, multi-factor authentication can help protect compromised user accounts from being used for business email compromise or account takeover attacks.”
More about phishing attack, Box, Cyberattack
Latest News
Top News