By David Balaban
Cybercriminals are increasingly choosing to cash in on human gullibility rather than the security flaws of software architecture. Phishing, the dominating vector of social engineering attacks targeting individuals and businesses alike, has seen a huge spike over the past few years.
Although the white hats have had some success in detecting and thwarting these hoaxes through features like email gateways, phishers still appear to be at least one step ahead with their tactics. Several recent campaigns have demonstrated how evasive the present-day phishing attacks can get.
One such intricate phishing stratagem originally spotted in early July 2019 abuses the Microsoft OneNote service to dupe users into visiting a bogus authentication page. In another phishing campaign discovered in mid-August 2019, malefactors are forging Microsoft Office 365 voicemail notifications to get victims on their hook.
Take a journey here on ITSPmagazine as David reveals how these schemes work and how users can prepare to spot them before falling victim.