Wetransfer vs minbox password#
If a user entered their username and password in an attempt to access this ‘invoice’, the malware would harvest their credentials and send them to the attacker.įigure 3: Antigena Email’s dashboard reveals key metadata behind the emailĬritical for Antigena Email’s detection of this attack was that the email contained an anomalous link. Hidden behind a button reading ‘Get your files’ was a webpage that contained malware but displayed a login page. The subject line of this email – “We sent you an invoice via WeTransfer” – is typical of a solicitation attack. This email was directed at an employee in the accounts department of a financial services organization in the APAC region.įigure 1: An interactive snapshot of Antigena Email’s user interface We’ve seen similar attacks recently with both QuickBooks and Microsoft Teams. This is a common technique deployed by attackers, who find success in masquerading behind the trusted brand of well-known SaaS vendors. These attacks attempt to deploy malware into the recipient’s device and further infiltrate an organization.
Wetransfer vs minbox free#
Why not stay up-to-date with MailGuard's latest blog posts by subscribing to free updates? Subscribe to weekly updates by clicking on the button below.In recent months, Antigena Email has seen a surge in email attacks claiming to be from file sharing site WeTransfer. Talk to a solution consultant at MailGuard today about securing your company's network. Speak to the MailGuard team today to learn more how MailGuard's predictive and advanced email security can help protect your business f or a few dollars per staff member per month. Just practising good common sense isn’t enough anymore, because for scammers it’s a numbers game they know that if they keep sending their scams, sooner or later we will slip up and do something we shouldn’t. Take you to a landing page or website that does not have the legitimate URL of the company the email is purporting to be sent from.Įven the most experienced and savvy email users can have a moment of haste, carelessness or fatigue when their guard is down.Ask you to click on any suspicious links.Are from businesses you’re not expecting to hear from.Are not addressed to you by name, have poor English or omit personal details that a legitimate sender would include (e.g.Instead, this email simply states that "someone sent you files via WeTransfer".Īs a precaution, avoid clicking links in emails that: Legitimate WeTransfer emails also typically contain information on the sender of the file, unlike this phishing email. However, no user-specific information is used, such as the recipient’s name. For example, the recipient’s email address is used within the email body and subject. However, eagle-eyed recipients would notice several red flag that point to the email’s illegitimacy. This motivates the recipient to click on the provided link right away, distracting them from checking the sending address of the email and looking out for any other errors. This email also attempts to intrigue telling the recipient that a new file has arrived ‘based on your telephone conversation’ creates a sense of curiosity. All this serves to elicit a more confident response from recipients who think they are, in fact, viewing a document from the popular file-sharing cloud platform. Several techniques have been employed in this particular email to look like a genuine notification, including the usage of high-quality graphical elements in the phishing page, such as WeTransfer’s branding & logo.
MailGuard urges all recipients of this email to delete it immediately without clicking on any links. The phishing site never moves from this page. Upon ‘logging in’ and clicking on the link to ‘download file’, users are shown a response stating the password entered is incorrect.
Unsuspecting recipients who click on the link are led to a fake WeTransfer-branded login page. A link is provided to "Download your docs here" The email body is poorly formatted, with a blue banner containing "WeTransfer." The message body advises the recipient that they have received a file via WeTransfer. Using a display name of "WeTransfer", the email actually came from one of several malicious senders. That question became all the more pertinent when MailGuard detected a new phishing email scam infiltrating inboxes on 10 th of December 2019 afternoon (AEST). But how can you tell if links to such important documents are safe to click when they appear in your inbox? Confidential business documents such as contracts, legal documents and finance records are commonly passed on from one recipient to another via email.
0 kommentar(er)
