Top Email Protections Fail in Latest COVID-19 Phishing Campaign

Top Email Protections Fail in Latest COVID-19 Phishing Campaign
[Montalbano, Elizabeth. "Top Email Protections Fail in Latest Covid-19 Phishing Campaign" Threatpost, April 1, 2020, www.threatpost.com]

“Threat actors continue to capitalize on fears surrounding the spread of the COVID-19 virus through a surge in new phishing campaigns that use spoofing tactics to effectively evade Proofpoint and Microsoft Office 365 advanced threat protections (ATPs), researchers have found.”

“The emails evade basic security checks and user common sense in a number of ways, to circumvent detection and steal the user’s Microsoft log-in credentials, he said. They also don’t include specific names or greetings in the body of the messages, suggesting they are being sent out to a broad target audience, according to Cofense.”

“While these secure email gateways (SEGs) are designed to safeguard end users from clicking on malicious links and attachments, both failed in a new phishing attack we recently observed,” Mahdavi wrote in the post.”

Sophisticated phishing emails are designed to penetrate through traditional gateway solutions because of their inherit weakness, which is, to prevent delivery latency in email production, analysis needs to be fast and not too deep. RevBits Email Security is designed to stop sophisticated phishing emails by supporting by closing the gap between the outer layer of email security and the users’ inbox. Operating at the client-side, RevBits Email Security conducts powerful-deep analysis on each users’ emails without creating latency. Some of the unique features which provide for superior detection of sophisticated phishing emails are:

  • Email security analysis is conducted at the user endpoint-complete analysis without latency

  • Scaled email security–keep the gateway and add RevBits Email Security to the security stack

  • Patented methodology for detecting page impersonation attacks

  • Thorough DKIM, DMARC, SPF verification

  • Blacklist IP addresses from threat countries.

Contact RevBits