Security researchers are warning of a “dramatic” increase in the exploitation of legitimate file sharing services to deliver malware in email-based attacks, especially OneDrive.
FireEye claimed in its latest Email Threat Report for Q1 2019 that services including WeTransfer, Dropbox, Google Drive and OneDrive are increasingly being used to host malicious and phishing files.
However, while Dropbox was most commonly used of all the services, OneDrive is catching up fast. From hardly being used in any attacks in Q4 2018, it shot up by over 60% in the intervening months.
Hackers are using such services as they bypass the initial domain reputation checks made by security tools.
Detection filters are also challenged by the use of “nested emails.” With this tactic, a first email contains a second email as attachment, which in turn contains the malicious content or URL.
FireEye also warned of a 17% increase in total phishing emails spotted over the previous quarter, with the most-spoofed brands including Microsoft, followed by OneDrive, Apple, PayPal and Amazon.
Hackers are increasingly using HTTPS in phishing attacks featuring URLs in a bid to trick users into clicking. FireEye observed a 26% quarter-on-quarter increase in the tactic, which exploits the consumer perception that HTTPS is inherently secure.
In fact, the FBI was recently forced to issue an alert warning that HTTPS and padlock icons in the address bar are not enough to prove the authenticity of sites.
It said that users should resist clicking on links in unsolicited emails, it added.
Finally, FireEye warned that cyber-criminals are expanding their repertoire when it comes to BEC attacks.
In one version they target the payroll department with requests to change the bank details of senior executives with the hope of diverting their salary. In another, they focus on accounts payable but pretend to be trusted suppliers who are owed money, instead of the CEO/CFO.
Written by: Phil Muncaster
Image via shutterstock
Microtechs 24x7x365 White label support services
Based in Surrey, Microtechs are an established and experienced end user support centre. Our Help desk and NOC experts can monitor your servers and support queue (email, RMM & phone) 24×7 or just as overflow. The Microtechs White Label support service offers a cost effective, 24×7 support option perfect for providers with an expanding customer base.
You may ask yourself:
- How can I offer support 24/7 without the stress & cost of recruiting and training?
- How can I free up my team’s time, to enable us to grow the business?
- How can I improve my bottom line?
Microtechs can help.
- Office hours or 24/7
- UK based from Guildford, Surrey
- 1st & 2nd line / NOC and incident management capabilities
- Ability to learn bespoke applications
- All white labelled to your brand
- 25-50% reduction in overheads
- Pricing from £500 per month
- Sole traders through to enterprise companies supported
Here’s what our customers have said;
“Using Microtechs to extend the helpdesk capabilities for our organisation has been a very worthwhile venture for us. The transition was very easy and simple, and we have found the Microtechs staff to be both knowledgeable and professional; in their dealings with our clients.”
“My customers receive a polite service and their issues are dealt with quickly and professionally. In short Microtechs provide a courteous, effective and cost-efficient service that enables me to offer my customers 24/7 support without the associated expense.”
It would be great to have a chat with you and understand a little about your business, even if you are not quite ready to outsource.
Live chat us now or call 01483 407417