The malspam security products miss: banking and email phishing, Emotet and Bushaloader

This set-up also gives us a unique insight into the kinds of emails that are more likely to bypass email filters. During the past week there were two phishing emails (in our definition phishing emails include those with a malicious link) that bypassed most of the email security products in our lab: one that masqueraded as a message (in English) from a Bulgarian bank, and another that masqueraded as a message from Microsoft Office 365. Banks have, for obvious reasons, long been a target of phishing campaigns, while email account credentials are valuable both for the content of the mailbox and for the ability to send emails from them. The use of legitimate services or compromised domains for links helps the emails bypass domain-based blocklists, which is a first step towards bypassing email filters.