sincity Posted August 8, 2019 Share Posted August 8, 2019 A new wave of phishing attacks, disguised as an email from DocuSign, aimed at obtaining user credentials from all major email providers has been discovered by the Cofense Phishing Defense Center.DocuSign is an electronic signature technology that is used by businesses and individuals to exchange contracts, tax documents and legal materials. The threat actors behind this new wave of phishing attacks are using this legitimate application to trick users into handing over their credentials.The attack begins when a user receives an email that appears to be from DocuSign as it includes its actual logo and the content of the message is similar to real emails sent from the company. However, the first line of the message does not contain the recipient's name and simply says “Good day”.Cofense: Why it’s time for everyone to defend against phishingUS utility firms hit by state-sponsored spear-phishing attackGoogle reveals how it stopped phishing attacks for goodFrom the email header, Cofense was able to determine that the threat source originates from the domain narndeo-tech.com. This domain belongs to Hetzner Online GmbH which is a well-known web hosting company based in Germany.Phishing for credentialsLooking deeper into the emails, Cofense's researchers found an embedded hyperlink that redirects to a phishing page which gives six separate options for users to enter their credentials to access the DocuSign document.The threat actors recreated login pages for Office 365, Gmail, Microsoft Outlook, Yahoo!, AOL and Apple iCloud which appear quite similar to the real thing to trick users into handing over their login details. However, cautious users could be made aware of the scheme by looking at the URLs of these pages as they are not legitimate.To prevent falling victim to the DocuSign phishing attack and others like it, Cofense recommends that all users should be cautious when an email instructs them to provide their credentials.Also check out the best antivirus software of 2019http://feeds.feedburner.com/~r/techradar/digital-home/~4/-CuunvxjOr4 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.