Research: How Threat Actors are Pitting Email Security Products Against Each Other
July 2024 by Cofense
Cofense Intelligence released research detailing a new tactic threat actors are employing to pit email security products such as secure email gateways (SEGs) against each other.
Through this tactic, threat actors take advantage of the fact that SEGs often don’t scan URLs that have already been encoded using a technique called SEG encoding.
Key findings include:
• The 4 tools most commonly used by threat actors are VIPRE Email Security, Bitdefender LinkScan, Hornetsecurity Advanced Threat Protection URL Rewriting, and Barracuda Email Gateway Defense Link Protection.
• A large number of campaigns that were themed around content requiring a signature spoofed DocuSign.
• Second only to DocuSign, Microsoft was the most commonly spoofed brand in email campaigns using SEG-encoded URLs in Q2 2024.