Phishing links hidden by exploiting URL protection services

Hundreds of organizations have been compromised by attacks that involved the exploitation of legitimate URL protection services to hide malicious email links as part of a phishing campaign that began in May, according to reports. SC Media.

Compromised business accounts with URL protection services may have been used by malicious actors to enable the intrusions, which involved the distribution of phishing emails containing fraudulent DocuSign documents and password reset alerts that redirected to malicious sites, a Barracuda analysis has revealed.

According to Barracuda, these findings should prompt organizations to use email security software with multiple layers of defense to protect against potential compromise.

The findings follow a report from Resecurity published in February that detailed the use of Google Cloud and other public cloud services to facilitate the hosting of phishing kits and the generation of legitimate URLs.

Cofense also previously reported that attackers were increasingly leveraging LinkedIn smart links to enable compromises without being detected by email security services.

Read the full story here.

Leave a Comment